» url.goosai.com
Overview
Analysis
IPs Addresses (5)
Downloads (5)
Website Detail
Related Domains (6)

url.goosai.com

DotMedia Limited

Domain Information

The domain url.goosai.com registered by DotMedia Limited was initially registered in March of 2015 through MAFF INC.. Currently this domain has been known to host various forms of malware. The hosted servers are located in Hangzhou, Zhejiang within China which resides on the Asia Pacific Network Information Centre network.

Registrant:

DotMedia Limited

Registrar:

MAFF INC.

Server location:

Zhejiang, China (CN)

Create date:

Saturday, March 21, 2015

Expires date:

Tuesday, March 21, 2017

Updated date:

Thursday, December 31, 2015

ASN:

AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN

Root domain:

goosai.com

Whois:

1 goosai.com record

Google Safe Browsing:

unwanted

Scanner detections:

Malware distribution (80% detected)

Scan engine

Details

Detections

G Data

Win32.Adware.Qjwmonkey, Gen:Variant.Application.Bundler.84

50.00%

avast!

Win32:Adware-gen [Adw]

50.00%

Dr.Web

Adware.Qjwmonkey.58, Adware.Qjwmonkey.64

50.00%

Reason Heuristics

nbsp;

50.00%

ESET NOD32

Win32/Adware.Qjwmonkey.B application

25.00%

Rising Antivirus

PE:Adware.Qjwmonkey!1.A299 [F]

25.00%

MicroWorld eScan

Gen:Variant.Application.Bundler.84

25.00%

Zillya! Antivirus

Adware.Qjwmonkey.Win32.120

25.00%

AegisLab AV Signature

Gen.Variant.Application!c

25.00%

K7 AntiVirus

Adware

25.00%

Arcabit

Trojan.Application.Bundler.84

25.00%

Agnitum Outpost

PUA.Qjwmonkey

25.00%

ESET NOD32

Win32/Adware.Qjwmonkey (variant)

25.00%

Clam AntiVirus

Win.Adware.Agent-1388374

25.00%

Bitdefender

Gen:Variant.Application.Bundler.84

25.00%

The domain url.goosai.com has been seen to resolve to the following 5 IP addresses.

May 26, 2016

May 26, 2016

May 26, 2016

February 19, 2016

February 19, 2016

File downloads found at URLs served by url.goosai.com.

1 / 68 (Malware)

http://url.goosai.com/.../Microsoft Visual C 2008|vc2008??@168_10972.exe (microsoft+office+2003+sp3【完整版】简体中文免费版@135_18204.exe)

1 / 68 (Malware)

http://url.goosai.com/.../???????@34_154803.exe (视频转换快手@83_65.exe)

5 / 68 (PUP)

http://url.goosai.com/.../«??»?CG??@55_48891.exe (口袋妖怪xy中文版+3ds版@158_75610.exe)

19 / 68 (PUP)

http://url.goosai.com/.../??????@133_28559.exe (qt4.6.22.17784@81_212101.exe)

0 / 68

URL:

http://url.goosai.com/

Web server:

nginx

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.