gs.mydown.yesky.com

ChongQing Tianji Network Ltd.

Domain Information

The domain gs.mydown.yesky.com, registered by ChongQing Tianji Network Ltd., was first registered in January 2000 through HICHINA ZHICHENG TECHNOLOGY LTD. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Chongqing, China, on the Asia Pacific Network Information Centre (APNIC) network.

Registrar:
HICHINA ZHICHENG TECHNOLOGY LTD.

Server location:
Chongqing, China (CN)

Create date:
Wednesday, January 12, 2000

Expires date:
Friday, January 12, 2024

Updated date:
Monday, January 5, 2015

ASN:
AS4134 CHINANET-BACKBONE No.31,Jin-rong Street,CN

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections (67% detected)

Scan engine | Details | Detections
ESET NOD32 | Win32/Gaofenquming.A potentially unwanted (variant), Win32/Gaofenquming.B potentially unwanted (variant) | 100.00%
IKARUS anti.virus | Hoax.Win32.ArchSMS, PUA.Gaofenquming | 100.00%
K7 AntiVirus | Adware | 75.00%
Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F] | 75.00%
MicroWorld eScan | Gen:Variant.Symmi.60792 | 50.00%
Bitdefender | Gen:Variant.Symmi.60792 | 50.00%
Lavasoft Ad-Aware | Gen:Variant.Symmi.60792 | 50.00%
Emsisoft Anti-Malware | Gen:Variant.Symmi.60792 | 50.00%
F-Secure | Gen:Variant.Symmi.60792 | 50.00%
G Data | Gen:Variant.Symmi.60792 | 50.00%
Bkav FE | W32.HfsAdware | 25.00%
NANO AntiVirus | Riskware.Win32.Downware.dsybfy | 25.00%
ViRobot | Adware.Agent.1006456.A[h] | 25.00%
Dr.Web | Adware.Downware.10523 | 25.00%
AhnLab V3 Security | Downloader/Win32.Banload | 25.00%

The domain gs.mydown.yesky.com has been seen to resolve to the following 4 IP addresses.

April 15, 2016

April 15, 2016

May 5, 2015

May 5, 2015

File downloads found at URLs served by gs.mydown.yesky.com.

15 / 68    (PUP)
http://gs.mydown.yesky.com/downer_21@404340.exe  (sogou_pinyin_79c_8100000377427033054.exe)

10 / 68    (PUP)

12 / 68    (PUP)

15 / 68    (PUP)
http://gs.mydown.yesky.com/downer_21@33525219.exe  (sogou_pinyin_79c_8100000377427033054.exe)

5 / 68      (PUP)
http://gs.mydown.yesky.com/downer_21@408729.exe  (winrar_5.30_8100000001687019769.exe)

0 / 68

0 / 68

URL:
http://gs.mydown.yesky.com/

Web server:
nginx