i.kpzip.com

Shanghai Guangle Network Technology Co.,Ltd.

Domain Information

The domain i.kpzip.com, registered by Shanghai Guangle Network Technology Co.,Ltd., was first registered in April 2014 through XIN NET TECHNOLOGY CORPORATION. Its servers are hosted in Ningbo, Zhejiang, China, on the Asia Pacific Network Information Centre (APNIC) network.

Registrar:
XIN NET TECHNOLOGY CORPORATION

Server location:
Zhejiang, China (CN)

Create date:
Monday, April 28, 2014

Expires date:
Sunday, April 28, 2024

Updated date:
Sunday, September 6, 2015

ASN:
AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN

Root domain:

Google Safe Browsing:
malware,unwanted

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Kuaizip (M) | 50.00% |
| Zillya! Antivirus | Downloader.Agent.Win32.294713, Dropper.Agent.Win32.225158 | 50.00% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 25.00% |
| F-Prot | W32/Warezov.gen2!W32DL | 25.00% |
| K7 AntiVirus | Trojan | 25.00% |
| ESET NOD32 | Win32/Inject.NFY (variant) | 25.00% |
| avast! | Win32:Malware-gen | 25.00% |
| Sophos | Mal/Generic-S | 25.00% |
| VIPRE Antivirus | Trojan.Win32.Generic | 25.00% |
| Avira AntiVirus | TR/Dropper.Gen | 25.00% |
| McAfee | Artemis!6D37B4AAA822 | 25.00% |
| Fortinet FortiGate | W32/Inject.NFY!tr | 25.00% |
| AVG | Generic_vb | 25.00% |

The domain i.kpzip.com has been seen to resolve to the following 8 IP addresses.

July 18, 2016

July 18, 2016

July 18, 2016

July 18, 2016

April 13, 2016

April 13, 2016

April 13, 2016

April 13, 2016

File downloads found at URLs served by i.kpzip.com.

0 / 68
http://i.kpzip.com/n/tui/deskurl/.../deskurl.exe  (d4837c61516da283d471bdd2caff0515)

10 / 68    (Malware)
http://i.kpzip.com/n/tui/llqfavorites/.../llqfav-1.exe  (6d37b4aaa8220dfa3cbe449b4add45aa)

0 / 68

1 / 68      (PUP)
http://i.kpzip.com/n/tui/.../DaZhanShen.dll  (c9a0cb67d7d3b8113cc8a1fc87ecbed9)

2 / 68      (PUP)

2 / 68      (inconclusive)
http://i.kpzip.com/n/tui/createurl/.../cr151224-2.exe  (78f408b7ee59c7b296a3bf83432c068d)

URL:
http://i.kpzip.com/

Web server:
nginx/1.4.1