home

zone3-14b7.kxcdn.com

proinity GmbH

Domain Information

The domain zone3-14b7.kxcdn.com registered by proinity GmbH was initially registered in January of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Manassas, Virginia within the United States which resides on the Leaseweb USA, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Wednesday, January 30, 2013

Expires date:
Monday, January 30, 2017

Updated date:
Wednesday, November 19, 2014

ASN:
AS30633 LEASEWEB-US - Leaseweb USA, Inc.,US

Root domain:
kxcdn.com

Whois:
1 kxcdn.com record

Scanner detections:
Detections  (75% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Amonitize.OpenSource.Installer (M), PUP.CPUMiner.TheGroup.Installer (M)
58.33%

ESET NOD32
Detection.Undefined, Win32/Sality.NBA virus
41.67%

Dr.Web
infected with Trojan.BtcMine.711, Win32.Sector.30
16.67%

AVG
Adware Generic_r.AVO, Win32/Sality
16.67%

Kaspersky
not-a-virus:RiskTool.Win64.BitCoinMiner
16.67%

Emsisoft Anti-Malware
Win32.Sality
8.33%

Microsoft Security Essentials
Threat.Undefined
8.33%

VIPRE Antivirus
Threat.4721115
8.33%

McAfee
Virus.W32/Sality.gen.z
8.33%

avast!
Win32:Kukacka
8.33%

F-Prot
W32/Sality.gen2
8.33%

Norman
Win32.Sality.3
8.33%

The domain zone3-14b7.kxcdn.com has been seen to resolve to the following 2 IP addresses.

207.244.77.134
hosted-by.Eqserver.com
February 27, 2016

207.244.66.221
February 21, 2016

File downloads found at URLs served by zone3-14b7.kxcdn.com.

11 / 68    (Malware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (9a44875c4f773808df295cb4c0f81080)

1 / 68      (inconclusive)
http://zone3-14b7.kxcdn.com/Zone3.exe  (3ed2d4efc2e4d732669ff6b3aafbfe55)

4 / 68      (PUP)
http://zone3-14b7.kxcdn.com/Zone3.exe  (8fe2d5bc06eca56e65779e0f8949553d)

1 / 68      (inconclusive)
http://zone3-14b7.kxcdn.com/Zone3.exe  (08c9e97e1083b9ae3cf10c72bbda5b95)

1 / 68      (inconclusive)
http://zone3-14b7.kxcdn.com/Zone3.exe  (ff7ce6ef69776ece9e42931c3f47c01c)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (dad88b05b78a9289558076a2e4fbed2c)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (nsxf39f.tmp)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (ms1bcf.tmp.exe)

1 / 68      (PUP)
http://zone3-14b7.kxcdn.com/Zone3.exe  (e83121b52db39c1502b3476001ff3c3c)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (8acfd43a57f6b776a1a50d0abb460849)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (d5c47b8474dd299d0d75e36821d68d59)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (mscde.tmp.exe)

The following 7 files have been seen to comunicate with zone3-14b7.kxcdn.com in live environments.

TCP » 207.244.66.221:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 207.244.77.134:80
apptrailers.exe

TCP » 207.244.77.134:443
browser.exe (speed browser by Fast Applications)

TCP » 207.244.66.221:443
jingling.exe

TCP » 207.244.66.221:80
online-guardian-v2.0.9.exe

TCP » 207.244.77.134:443
apptrailers.exe

TCP » 207.244.66.221:80
kns2fd6.tmp

TCP » 207.244.77.134:443
genieutils.exe

URL:
http://zone3-14b7.kxcdn.com/

Web server:
keycdn-engine

4kdownload.com

abtemplates.com

advanceduninstaller.com

belajarbisnisinternet.com

blumentals.net

com.ua

comicartfans.com

coollinesartwork.com

drivermax.com

ej-technologies.com

f-static.com

gdgsoft.com

gormedia.com

izabelcoin.com

linkscountryclub.com

melodics.com

splashpageart.com

tabulatouch.com

acraffiliates.com

blackchippoker.eu

bunk1.com

celestialuna.com

cofeshow.com

fonearena.com

icons8.com

phbot.org

propersoft.net

tinyumbrella.org

wikidsystems.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.