bookjpg.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain bookjpg.com is registered by proxy through ENOM, INC. and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Kowloon, Hong Kong (Sar) within Hong Kong which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENOM, INC.

Server location:
Hong Kong (Sar), Hong Kong (HK)

Create date:
Monday, March 10, 2014

Expires date:
Tuesday, March 10, 2015

Updated date:
Monday, March 10, 2014

ASN:
AS26481 REBEL-HOSTING - Rebel Hosting,US

Scanner detections:
Detections  (80% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.PaymentsInteractiveSL.E, PUP.Tuguu.PaymentsInteractive.Bundler (M), PUP.Tuguu.Payments.Bundler (M)
80.00%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
20.00%

F-Secure
Application:W32/Generic.70053c248f!Online
20.00%

MicroWorld eScan
Gen:Variant.Application.Bundler.DomaIQ.3
20.00%

McAfee
Adware-DomaIQ!BC6F06B8CA7F
20.00%

Malwarebytes
PUP.Optional.BundleInstaller.A
20.00%

K7 Gateway Antivirus
Unwanted-Program
20.00%

K7 AntiVirus
Unwanted-Program
20.00%

NANO AntiVirus
Trojan.Win32.Stealer.cwxrck
20.00%

Kaspersky
not-a-virus:AdWare.Win32.Lollipop
20.00%

Bitdefender
Gen:Variant.Application.Bundler.DomaIQ.3
20.00%

Agnitum Outpost
PUA.Lollipop
20.00%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DomaIQ.3
20.00%

F-Secure
Gen:Variant.Application.Bundler
20.00%

Dr.Web
Trojan.DownLoader9.62498
20.00%

The domain bookjpg.com has been seen to resolve to the following IP address.

May 1, 2014

File downloads found at URLs served by bookjpg.com.

1 / 68      (Adware)
http://bookjpg.com/.../Java.exe  (5e4e08aca9c046bab16f037475ea2ec4)

2 / 68      (false positives)

1 / 68      (Adware)
http://bookjpg.com/.../Java.exe  (7af16bdf119c1d8801f2d7f4b0fe34f7)

1 / 68      (Adware)
http://bookjpg.com/.../Java.exe  (517fd6843954befb9286c1b4a7d2fa04)

23 / 68    (Adware)
http://bookjpg.com/.../Java.exe  (bc6f06b8ca7f4d00bcfc9ed5b2a1dc03)

URL:
http://bookjpg.com/

Web server:
nginx