» qwhk8.xiazaicdn.ren
Overview
Analysis
IPs Addresses (4)
Downloads (1)
Network (5)
Related Domains (8)

qwhk8.xiazaicdn.ren

Domain Information

Server location:

Guangxi, China (CN)

ASN:

AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd.,CN

Root domain:

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP (M)

100.00%

The domain qwhk8.xiazaicdn.ren has been seen to resolve to the following 4 IP addresses.

December 15, 2015

AY140721104848Z

December 15, 2015

December 15, 2015

December 15, 2015

File downloads found at URLs served by qwhk8.xiazaicdn.ren.

1 / 68 (Malware)

http://qwhk8.xiazaicdn.ren/.../LA6xC (setup_0072syqk.exe)

The following 5 files have been seen to comunicate with qwhk8.xiazaicdn.ren in live environments.

TCP » 121.40.120.230:80

迅捷微信聊天记录恢复器3.2绿色版@304_170929.exe (Downloader)

TCP » 121.40.120.230:80

setup_0425nner.exe

TCP » 121.40.120.230:80

setup_1603iqun.exe

TCP » 121.40.120.230:80

setup_0736clcv.exe

TCP » 121.40.120.230:80

setup_0796rroi.exe

Related Domains

3ddianshiji.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.