home

url.tudown.com

Domain Information

Server location:
Zhejiang, China (CN)

ASN:
AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN

Root domain:
tudown.com

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
nbsp;
50.00%

Dr.Web
Adware.Qjwmonkey.83, Adware.Qjwmonkey.79, Adware.Qjwmonkey.82
50.00%

ESET NOD32
Win32/Adware.Qjwmonkey.C application
33.33%

avast!
Win32:Adware-gen [Adw]
33.33%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.84
16.67%

Norman
Gen:Variant.Application.Bundler.84
16.67%

Bkav FE
W32.HfsAdware
16.67%

MicroWorld eScan
Gen:Variant.Application.Bundler.84
16.67%

Zillya! Antivirus
Adware.Qjwmonkey.Win32.159
16.67%

K7 AntiVirus
Adware
16.67%

Arcabit
Trojan.Application.Bundler.84
16.67%

Baidu Antivirus
Win32.Adware.Qjwmonkey
16.67%

ESET NOD32
Win32/Adware.Qjwmonkey (variant)
16.67%

Kaspersky
not-a-virus:HEUR:Adware.Win32.Tpyn
16.67%

Bitdefender
Gen:Variant.Application.Bundler.84
16.67%

The domain url.tudown.com has been seen to resolve to the following 5 IP addresses.

120.27.186.114
August 26, 2016

139.196.242.34
June 27, 2016

123.57.144.183
June 27, 2016

120.26.107.125
June 27, 2016

112.74.68.204
June 27, 2016

File downloads found at URLs served by url.tudown.com.

1 / 68      (Malware)
http://url.tudown.com/.../???????????133_26080.exe  (adobe+cc+2015+激活补丁@135_50325.exe)

1 / 68      (Malware)
http://url.tudown.com/.../???6?????@141_3441.exe  (p2p种子搜索神器@25_67533.exe)

4 / 68      (PUP)
http://url.tudown.com/.../WinRAR@83_10347.exe  (朱天才解读太极拳—朱天才+著@155_1302541.exe)

1 / 68      (Malware)
http://url.tudown.com/.../????5:?? ??MOD?????@141_65666.exe  (edius下载@25_67035.exe)

1 / 68      (Malware)
http://url.tudown.com/.../activex??@134_8184.exe  (edius下载@25_67035.exe)

27 / 68    (PUP)
http://url.tudown.com/.../?????????@34_130941.exe  (风越文件批量改名器@34_130941.exe)

1 / 68      (Malware)
http://url.tudown.com/.../BitSpirit@83_5405.exe  (edius下载@25_67035.exe)

1 / 68      (Malware)
http://url.tudown.com/.../????? AV VCS 3.0 ????? ???????@67_27652.exe  (edius下载@25_67035.exe)

3 / 68      (PUP)
http://url.tudown.com/.../coreldraw x8?????? ?????@156_457797.exe  (coreldraw+x8零售版注册机+绿色免费版@156_457797.exe)

1 / 68      (Malware)
http://url.tudown.com/.../????DVD@83_27678.exe  (edius下载@25_67035.exe)

1 / 68      (Malware)
http://url.tudown.com/.../????2?????@168_528.exe  (edius下载@25_67035.exe)

33lc.com

3h3.com

goosai.com

xpgod.com

tduou.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.