home

cdn.ibryte.com

Director TechOps

Domain Information

The domain cdn.ibryte.com registered by Director TechOps was initially registered in March of 2008 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in San Jose, California within the United States which resides on the CDNetworks Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Sunday, March 9, 2008

Expires date:
Thursday, March 9, 2017

Updated date:
Monday, February 8, 2016

ASN:
AS36408 CDNETWORKSUS-02 - CDNetworks Inc.,US

Root domain:
ibryte.com

Whois:
1 ibryte.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallX.Bundle, PUP.PriceGong.M
66.67%

Bkav FE
W32.Clod966.Trojan
33.33%

Microsoft Security Essentials
Adware:Win32/PriceGong
33.33%

Malwarebytes
PUP.Optional.OpenCandy
33.33%

Total Defense
Win32/Tnega.cQfcTZC
33.33%

avast!
Win32:Adware-gen [Adw]
33.33%

NANO AntiVirus
Trojan.Win32.Risk.dodayo
33.33%

ViRobot
Trojan.Win32.A.VB.19420364[h]
33.33%

VIPRE Antivirus
Opencandy
33.33%

G Data
Win32.Adware.OpenCandy
33.33%

Baidu Antivirus
Hacktool.Win32.OpenCandy
33.33%

ESET NOD32
Win32/OpenCandy potentially unsafe
33.33%

Fortinet FortiGate
W32/OpenCandy
33.33%

The domain cdn.ibryte.com has been seen to resolve to the following 4 IP addresses.

66.114.52.21
April 5, 2016

174.35.27.74
April 5, 2016

66.114.52.5
February 27, 2016

174.35.27.75
February 27, 2016

File downloads found at URLs served by cdn.ibryte.com.

2 / 68      (Adware)
http://cdn.ibryte.com/bundles/.../pricegong_v3.exe  (36e9a9447e4cf0ba746d6e07151f41dc)

2 / 68      (PUP)
http://cdn.ibryte.com/bundles/.../7zip.exe  (7z920.exe)

10 / 68    (PUP)
http://cdn.ibryte.com/bundles/.../aMSN.exe  (646a002f404933a7323f17f3c8acb412)

The following 23 files have been seen to comunicate with cdn.ibryte.com in live environments.

TCP » 66.114.52.5:80
tools_update.exe

TCP » 66.114.52.21:80
1468567241.exe

TCP » 66.114.52.5:80
1468567241.exe

TCP » 66.114.52.5:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 174.35.27.74:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.5:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.5:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.21:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.21:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.5:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 174.35.27.74:80
umbrella282_upd.exe (Iminent Service by Iminent)

TCP » 174.35.27.74:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.21:80
umbrella282_upd.exe (Iminent Service by Iminent)

TCP » 66.114.52.5:80
umbrella282_upd.exe (Iminent Service by Iminent)

TCP » 174.35.27.75:80
umbrella282_upd.exe (Iminent Service by Iminent)

TCP » 66.114.52.21:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 174.35.27.75:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.21:80
claraupdater_new.exe (ClaraUpdater by ClaraLabs)

TCP » 174.35.27.74:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 174.35.27.75:80
1468567241.exe

 
Latest 20 of 81 files

URL:
http://cdn.ibryte.com/

Web server:
PWS/8.1.36

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.