cdn.msdwnld.com

HUSH IP LLC

Domain Information

The domain cdn.msdwnld.com, registered by HUSH IP LLC, was initially registered in November of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers hosting it are located in Roubaix, Nord-Pas-De-Calais, France, on the RIPE Network Coordination Centre network.

Registrar:
PSI-USA, INC. DBA DOMAIN ROBOT

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Monday, November 10, 2014

Expires date:
Thursday, November 10, 2016

Updated date:
Wednesday, July 01, 2015

ASN:
AS16276 OVH OVH SAS,FR

Root domain:

Scanner detections:
Detections  (69% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.MetaInstaller.BB, PUP.Vittalia.MetaInstaller (M), Threat.Win.Reputation.IMP, PUP.SINPERFUMSUNITED.Installer (M), PUP.Vittalia.MetaInstaller.Installer (M), PUP.Vittalia.MetaInst.Bundler (M) | 63.16% |
| Dr.Web | Adware.Downware.908, Adware.Downware.441, VBS.StartPage.26, Detection.Undefined | 42.11% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 36.84% |
| Trend Micro House Call | TROJ_GEN.RCBH1LN, TROJ_GEN.F47V0824, TROJ_GEN.F47V0918, TROJ_GEN.F47V1024, HV_STARTPAGE_CI1944B7.RDXN | 31.58% |
| McAfee Web Gateway | Artemis!2061D8A3DB61, Artemis!B0FFBA1625C3, Artemis!285551BA653E, Artemis!A162301A9003, BehavesLike.Win32.Virut.cc | 31.58% |
| McAfee | Artemis!2061D8A3DB61, Artemis!B0FFBA1625C3, Artemis!285551BA653E, Artemis!A162301A9003 | 26.32% |
| ESET NOD32 | Win32/Toolbar.Babylon, VBS/StartPage.NFN | 26.32% |
| Clam AntiVirus | WIN.Adware.Solimba-3 | 15.79% |
| SUPERAntiSpyware | Trojan.Agent/Gen-Startpage | 15.79% |
| Norman | Suspicious.UE | 10.53% |
| Baidu Antivirus | Trojan.Win32.Toolbar.Babylon | 10.53% |
| NANO AntiVirus | Trojan.Win32.Downware.baxmbd, Trojan.Script.StartPage.dqaano | 10.53% |
| IKARUS anti.virus | Trojan.VBS.StartPage, Virus.VBS.StartPage | 10.53% |
| AVG | Skodna.ArchSMS | 5.26% |
| ByteHero BDV | Virus.Win32.Part.a | 5.26% |

The domain cdn.msdwnld.com has been seen to resolve to the following 6 IP addresses.

August 11, 2015

districdn.com
November 16, 2013

ks3099036.kimsufi.com
November 16, 2013

ks3095701.kimsufi.com
November 16, 2013

ks23656.kimsufi.com
November 16, 2013

165.Red-81-45-18.staticIP.rima-tde.net
November 16, 2013

File downloads found at URLs served by cdn.msdwnld.com.

9 / 68      (Malware)

2 / 68      (Malware)

3 / 68      (Malware)

7 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68

1 / 68      (Adware)

1 / 68      (Adware)

3 / 68      (Malware)

1 / 68      (Adware)

0 / 68

1 / 68      (Adware)

5 / 68      (Adware)

2 / 68      (Adware)

8 / 68      (PUP)

9 / 68      (PUP)

9 / 68      (PUP)

6 / 68      (Adware)

The following files have been seen to communicate with cdn.msdwnld.com in live environments.

URL:
http://cdn.msdwnld.com/

Google Analytics:
UA-48689684

Title:
“msdwnld.com”

Web server:
nginx

30 of 618 related domains