www.yacss.com

YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Domain Information

The domain www.yacss.com, registered by YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service), was initially registered in July of 2014 through HICHINA ZHICHENG TECHNOLOGY LTD. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Washington, District of Columbia, United States, on the ThePlanet.com Internet Services, Inc. network.
Registrar:
HICHINA ZHICHENG TECHNOLOGY LTD.

Server location:
District of Columbia, United States (US)

Create date:
Monday, July 7, 2014

Expires date:
Sunday, July 7, 2019

Updated date:
Monday, February 1, 2016

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.EE, PUP.Optional.Installer.ELEX, Win32.Generic.Installer.ELEX, Threat.Installer.ELEX, Win32.Generic.Installer.ELEX.Meta
100.00%

Malwarebytes
FraudTool.YAC, PUP.Optional.ELEX, Fraudtool.YAC
76.92%

McAfee
Artemis!C41D9685B72B, Artemis!E497222C8947, Artemis!DD797EEDB4B2, Trojan.Artemis!3C8EE7D0777C, Artemis!ACF97CFAB8DC
38.46%

Dr.Web
Adware.Mutabaha.163, Adware.Mutabaha.174, Adware.Mutabaha.384
38.46%

ESET NOD32
Win32/ELEX.CC potentially unwanted (variant), Win32/ELEX.CZ potentially unwanted (variant)
38.46%

Trend Micro House Call
Suspicious_GEN.F47V0330, Suspicious_GEN.F47V0420, Suspicious_GEN.F47V0421, Suspicious_GEN.F47V0511, TROJ_GEN.R02KC0OCK15
38.46%

K7 AntiVirus
Trojan
30.77%

AhnLab V3 Security
PUP/Win32.Generic
30.77%

Avira AntiVirus
TR/Elex.1031096, APPL/Elex.jjsd, TR/Elex.868176
23.08%

Bkav FE
W32.HfsAdware
23.08%

avast!
Win32:Rootkit-gen [Rtk], Win32:Adware-gen [Adw]
15.38%

Agnitum Outpost
Riskware.Agent
15.38%

Fortinet FortiGate
Riskware/Elex
15.38%

herdProtect (fuzzy)
a variant of dc0fbe8128549c921514e0ea56e9e5f5d59c201d
7.69%

Kaspersky
not-a-virus:Downloader.Win32.Elex
7.69%

The domain www.yacss.com has been seen to resolve to the following 2 IP addresses.

184.173.128.179-static.reverse.softlayer.com
December 2, 2014

184.173.128.178-static.reverse.softlayer.com
December 2, 2014

File downloads found at URLs served by www.yacss.com.


The following 65 files have been seen to communicate with www.yacss.com in live environments.

 
Latest 20 of 73 files
