gqszhq-dm2306.files.1drv.com

Microsoft Corporation

Domain Information

The domain gqszhq-dm2306.files.1drv.com, registered by Microsoft Corporation, was initially registered in August of 2013 through MARKMONITOR INC. This domain has been known to host various forms of malware. The hosting servers are located in Redmond, Washington, in the United States, on the Microsoft Corporation network.
Registrar:
MARKMONITOR INC.

Server location:
Washington, United States (US)

Create date:
Monday, August 5, 2013

Expires date:
Friday, August 5, 2016

Updated date:
Sunday, July 5, 2015

ASN:
AS8075 MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation,US

Root domain:

Scanner detections:
Malware distribution  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| McAfee | Artemis!DE9E9A36ACB1 | 100.00% |
| AhnLab V3 Security | HackTool/Win32.Crack | 100.00% |
| ESET NOD32 | MSIL/HackTool.IdleKMS (variant) | 100.00% |
| Reason Heuristics | KeycodeTool.ByELDI (M) | 100.00% |

The domain gqszhq-dm2306.files.1drv.com has been seen to resolve to the following IP address.

a-0011.a-msedge.net
May 26, 2016

File downloads found at URLs served by gqszhq-dm2306.files.1drv.com.

4 / 68      (Malware)
https://gqszhq-dm2306.files.1drv.com/.../kms.exe  (kmspico.v10.beta2.install.exe)

The following 100 files have been seen to communicate with gqszhq-dm2306.files.1drv.com in live environments.

 
Latest 20 of 113 files

URL:
http://gqszhq-dm2306.files.1drv.com/

SSL certificate subject:
CN=storage.live.com, OU=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=WA, C=US

SSL certificate issuer:
CN=Microsoft IT SSL SHA2, OU=Microsoft IT, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Web server:
Microsoft-IIS/8.5