home

filecdn.72zx.com

Riyue peer information technology (Beijing) Co., Ltd

Domain Information

The domain filecdn.72zx.com registered by Riyue peer information technology (Beijing) Co., Ltd was initially registered in December of 2013 through XIAMEN NAWANG TECHNOLOGY CO., LTD. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Tianjin, Tianjin within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
XIAMEN NAWANG TECHNOLOGY CO., LTD

Server location:
Tianjin, China (CN)

Create date:
Sunday, December 15, 2013

Expires date:
Friday, December 15, 2023

Updated date:
Friday, December 5, 2014

ASN:
AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone,CN

Root domain:
72zx.com

Whois:
1 72zx.com record

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/Gaofenquming.B potentially unwanted (variant), Win32/Gaofenquming.A potentially unwanted (variant)
63.64%

IKARUS anti.virus
Trojan-Banker.Win32.Delf, PUA.Gaofenquming
54.55%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Threat.4758034
54.55%

avast!
Win32:Malware-gen, Win32:Dropper-gen [Drp], Win32:Sality
54.55%

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
54.55%

K7 AntiVirus
Adware
45.45%

Reason Heuristics
PUP.WangXingang (M), PUP.Gaofenquming (M)
36.36%

Baidu Antivirus
PUA.Win32.Gaofenquming
36.36%

McAfee
Trojan.Artemis!B2EC2D7DC979, Artemis!6B401127E4BD, Artemis!2EA315CEACFD, Trojan.Artemis!E382B1767FBE
36.36%

AVG
Generic, Win32/Sality
36.36%

Emsisoft Anti-Malware
Gen:Variant.Symmi.60792, Win32.Sality
36.36%

ESET NOD32
Win32/Gaofenquming.B potentially unwanted application, Win32/Sality.NBA virus
27.27%

Fortinet FortiGate
Riskware/Gaofenquming
27.27%

MicroWorld eScan
Gen:Variant.Symmi.60792
27.27%

Bitdefender
Gen:Variant.Symmi.60792
27.27%

The domain filecdn.72zx.com has been seen to resolve to the following 7 IP addresses.

171.8.71.205
February 1, 2016

125.39.5.8
no-data
December 1, 2015

60.221.255.254
254.255.221.60.adsl-pool.sx.cn
December 1, 2015

27.209.182.8
December 1, 2015

27.209.182.6
December 1, 2015

125.39.5.36
no-data
December 1, 2015

125.39.5.33
no-data
December 1, 2015

File downloads found at URLs served by filecdn.72zx.com.

3 / 68      (PUP)
http://filecdn.72zx.com/.../360??_30@59990.exe  (adberdr11000_zh_cn_8100000013226950695.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../??_37@107983.exe  (sogou_pinyin_79c_8100000377427033054.exe)

8 / 68      (PUP)
http://filecdn.72zx.com/.../??????_30@58262.exe  (mathtype6.9_5100000054476978265.exe)

5 / 68      (PUP)
http://filecdn.72zx.com/.../DirectX????_30@57945.exe  (winrar_5.30_8100000001687019769.exe)

3 / 68      (PUP)
http://filecdn.72zx.com/.../HTC??????_30@65414.exe  (wps2015_8100000619656978100.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../??????_30@72062.exe  (winrar_5.30_8100000001687019769.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../Foxit_30@31040.exe  (winrar_5.30_8100000001687019769.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../????????_30@75576.exe  (sogou_pinyin_79c_8100000377427033054.exe)

5 / 68      (PUP)
http://filecdn.72zx.com/.../???????2???????_33@13849.exe  (winrar_5.30_8100000001687019769.exe)

5 / 68      (PUP)
http://filecdn.72zx.com/.../??5????????_30@60588.exe  (winrar_5.30_8100000001687019769.exe)

11 / 68    (PUP)
http://filecdn.72zx.com/.../????1.8.8???_30@158844.exe  (Setup.exe)

3 / 68      (PUP)
http://filecdn.72zx.com/.../2016????????????????_11@120056.exe  (wps2015_8100000619656978100.exe)

10 / 68    (PUP)
http://filecdn.72zx.com/.../Adobe_31@21631.exe  (vtut6rg9.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../??(ip_31@28499.exe  (winrar_5.30_8100000001687019769.exe)

11 / 68    (Malware)
http://filecdn.72zx.com/.../???????4.4.6_32@58024.exe  (小影電腦版下載4.4.6_32@58024.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../??????_30@53512.exe  (winrar_5.30_8100000001687019769.exe)

5 / 68      (PUP)
http://filecdn.72zx.com/.../??????_31@44275.exe  (winrar_5.30_8100000001687019769.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../????Z??????(???99? ?_33@3795.exe  (winrar_5.30_8100000001687019769.exe)

15 / 68    (PUP)
http://filecdn.72zx.com/.../??3.5????_30@61544.exe  (winrar_5.30_8100000001687019769.exe)

3 / 68      (PUP)
http://filecdn.72zx.com/.../???????|AV_30@11270.exe  (adberdr11000_zh_cn_8100000013226950695.exe)

3 / 68      (PUP)
http://filecdn.72zx.com/.../Microsoft_31@3420.exe  (wps2015_8100000619656978100.exe)

10 / 68    (PUP)
http://filecdn.72zx.com/.../msvcp110.dll_30@103755.exe  (vtut6rg9.exe)

5 / 68      (PUP)
http://filecdn.72zx.com/.../logo????_30@16891.exe  (winrar_5.30_8100000001687019769.exe)

3 / 68      (PUP)
http://filecdn.72zx.com/.../mtp_30@72457.exe  (adberdr11000_zh_cn_8100000013226950695.exe)

5 / 68      (PUP)
http://filecdn.72zx.com/.../v1.71_33@124647.exe  (winrar_5.30_8100000001687019769.exe)

3 / 68      (PUP)
http://filecdn.72zx.com/.../WinRAR官方版_30@47256.exe  (wps2015_8100000619656978100.exe)

1 / 68      (PUP)
http://filecdn.72zx.com/download?webid=11&softid=34434&softname=ASCII???????????  (thunder_dl_7.9.37.4952_8100000512246988255.exe)

4 / 68      (PUP)
http://filecdn.72zx.com/.../??qsv???????_18@15613.exe  (奇艺qsv视频格式转换器_18@15613.exe)

URL:
http://filecdn.72zx.com/

Web server:
nginx

97you.net

cdndown.net

d1xn.com

diyidan.net

duomi.com

eastday.com

glodon.com

imgo.tv

miwifi.com

nonglirili.net

pcjoy.cn

pconline.com.cn

pplive.com

rilibiao.com.cn

shoujiduoduo.com

sogou.com

theworld.cn

wannianli365.com

yingyonghui.com

zhonghuchina.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.