url.goosai.com

DotMedia Limited

Domain Information

The domain url.goosai.com registered by DotMedia Limited was initially registered in March of 2015 through MAFF INC.. Currently this domain has been known to host various forms of malware. The hosted servers are located in Hangzhou, Zhejiang within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
MAFF INC.

Server location:
Zhejiang, China (CN)

Create date:
Saturday, March 21, 2015

Expires date:
Tuesday, March 21, 2017

Updated date:
Thursday, December 31, 2015

ASN:
AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Malware distribution  (80% detected)

Scan engine
Details
Detections

G Data
Win32.Adware.Qjwmonkey, Gen:Variant.Application.Bundler.84
50.00%

avast!
Win32:Adware-gen [Adw]
50.00%

Dr.Web
Adware.Qjwmonkey.58, Adware.Qjwmonkey.64
50.00%

Reason Heuristics
nbsp;
50.00%

ESET NOD32
Win32/Adware.Qjwmonkey.B application
25.00%

Rising Antivirus
PE:Adware.Qjwmonkey!1.A299 [F]
25.00%

MicroWorld eScan
Gen:Variant.Application.Bundler.84
25.00%

Zillya! Antivirus
Adware.Qjwmonkey.Win32.120
25.00%

AegisLab AV Signature
Gen.Variant.Application!c
25.00%

K7 AntiVirus
Adware
25.00%

Arcabit
Trojan.Application.Bundler.84
25.00%

Agnitum Outpost
PUA.Qjwmonkey
25.00%

ESET NOD32
Win32/Adware.Qjwmonkey (variant)
25.00%

Clam AntiVirus
Win.Adware.Agent-1388374
25.00%

Bitdefender
Gen:Variant.Application.Bundler.84
25.00%

The domain url.goosai.com has been seen to resolve to the following 5 IP addresses.

May 26, 2016

May 26, 2016

May 26, 2016

February 19, 2016

February 19, 2016

File downloads found at URLs served by url.goosai.com.

1 / 68      (Malware)
http://url.goosai.com/.../Microsoft Visual C 2008|vc2008??@168_10972.exe  (microsoft+office+2003+sp3【完整版】简体中文免费版@135_18204.exe)

1 / 68      (Malware)
http://url.goosai.com/.../???????@34_154803.exe  (视频转换快手@83_65.exe)

5 / 68      (PUP)
http://url.goosai.com/.../«??»?CG??@55_48891.exe  (口袋妖怪xy中文版+3ds版@158_75610.exe)

19 / 68    (PUP)
http://url.goosai.com/.../??????@133_28559.exe  (qt4.6.22.17784@81_212101.exe)

URL:
http://url.goosai.com/

Web server:
nginx