Server location: Liaoning, China (CN)
ASN: AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone,CN
Scanner detections:
Detections (82% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | Adware.Downloader (M) | 81.25% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, Malware-Cryptor.Inject.gen | 43.75% |
| Trend Micro House Call | TROJ_GEN.F47V0319, TROJ_GEN.F47V0518, Suspicious_GEN.F47V0130, Suspicious_GEN.F47V0301, Suspicious_GEN.F47V0826 | 31.25% |
| McAfee | Artemis!09C9A9A79E04, Artemis!093F746798DF, Artemis!FD7114559E9D, Trojan.Artemis!1D2464B9FD32 | 25.00% |
| K7 AntiVirus | Trojan-Downloader, Unwanted-Program | 12.50% |
| avast! | Win32:Rootkit-gen [Rtk], Win32:Malware-gen | 12.50% |
| Kaspersky | Trojan-Downloader.NSIS.Chindo | 12.50% |
| IKARUS anti.virus | Trojan.Win32.Pincav, Trojan-Downloader.Chindo | 12.50% |
| Dr.Web | Trojan.KillFiles.28526 | 12.50% |
| Clam AntiVirus | Win.Trojan.15173305 | 12.50% |
| F-Prot | W32/Zlob.AF.gen | 6.25% |
| Qihoo 360 Security | Trojan.Generic | 6.25% |
| Quick Heal | TrojanDownloader.NSIS.g5 | 6.25% |
| ESET NOD32 | Win32/Packed.NSISmod.A suspicious application | 6.25% |
| Avira AntiVirus | W32/Infector.Gen4 | 6.25% |

The domain khit.cn has been seen to resolve to the following 61 IP addresses.

| Address | Date |
| --- | --- |
| 42.171.204.221.adsl-pool.sx.cn | July 7, 2015 |
| 18.23.204.221.adsl-pool.sx.cn | July 7, 2015 |
| cncln.online.ln.cn | July 7, 2015 |
| 16.23.204.221.adsl-pool.sx.cn | May 5, 2015 |
| 26.21.204.221.adsl-pool.sx.cn | October 20, 2014 |

File downloads found at URLs served by khit.cn.
The following 6 files have been seen to communicate with khit.cn in live environments.