The domain cdn.msdwnld.com, registered by HUSH IP LLC, was initially registered in November of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Roubaix, Nord-Pas-De-Calais, France, on the RIPE Network Coordination Centre network.
Registrar: PSI-USA, INC. DBA DOMAIN ROBOT
Server location: Nord-Pas-De-Calais, France (FR)
Create date: Monday, November 10, 2014
Expires date: Thursday, November 10, 2016
Updated date: Wednesday, July 1, 2015
ASN: AS16276 OVH OVH SAS,FR
Scanner detections:
Detections (69% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.MetaInstaller.BB, PUP.Vittalia.MetaInstaller (M), Threat.Win.Reputation.IMP, PUP.SINPERFUMSUNITED.Installer (M), PUP.Vittalia.MetaInstaller.Installer (M), PUP.Vittalia.MetaInst.Bundler (M) | 66.67%
Dr.Web | Adware.Downware.908, Adware.Downware.441, VBS.StartPage.26, Detection.Undefined | 44.44%
Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 38.89%
Trend Micro House Call | TROJ_GEN.RCBH1LN, TROJ_GEN.F47V0824, TROJ_GEN.F47V0918, TROJ_GEN.F47V1024, HV_STARTPAGE_CI1944B7.RDXN | 33.33%
McAfee | Artemis!2061D8A3DB61, Artemis!B0FFBA1625C3, Artemis!285551BA653E, Artemis!A162301A9003 | 27.78%
ESET NOD32 | Win32/Toolbar.Babylon, VBS/StartPage.NFN | 27.78%
Clam AntiVirus | WIN.Adware.Solimba-3 | 16.67%
SUPERAntiSpyware | Trojan.Agent/Gen-Startpage | 16.67%
Norman | Suspicious.UE | 11.11%
Baidu Antivirus | Trojan.Win32.Toolbar.Babylon | 11.11%
NANO AntiVirus | Trojan.Win32.Downware.baxmbd, Trojan.Script.StartPage.dqaano | 11.11%
IKARUS anti.virus | Trojan.VBS.StartPage, Virus.VBS.StartPage | 11.11%
Kaspersky | Trojan.VBS.StartPage | 5.56%
The domain cdn.msdwnld.com has been seen to resolve to the following 6 IP addresses.
districdn.com | November 16, 2013
ks3099036.kimsufi.com | November 16, 2013
ks3095701.kimsufi.com | November 16, 2013
ks23656.kimsufi.com | November 16, 2013
165.Red-81-45-18.staticIP.rima-tde.net | November 16, 2013
File downloads found at URLs served by cdn.msdwnld.com.
The following files have been seen to communicate with cdn.msdwnld.com in live environments.
URL: http://cdn.msdwnld.com/
Google Analytics: UA-48689684
Related Domains
30 of 618 related domains