home

cdn.wuji.com

Xiamen eName Network Co., Ltd.

Domain Information

The domain cdn.wuji.com registered by Xiamen eName Network Co., Ltd. was initially registered in August of 1998 through ENAME TECHNOLOGY CO., LTD.. Currently this domain has been known to host various forms of malware. The hosted servers are located in Nanjing, Jiangsu within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Jiangsu, China (CN)

Create date:
Monday, August 24, 1998

Expires date:
Sunday, August 23, 2015

Updated date:
Friday, February 15, 2013

Root domain:
wuji.com

Whois:
2 wuji.com records

Google Safe Browsing:
unwanted

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Gen:Variant.Graftor.141172, Gen:Variant.Strictor.72872
100.00%

Bitdefender
Gen:Variant.Graftor.141172, Gen:Variant.Strictor.72872
100.00%

Lavasoft Ad-Aware
Gen:Variant.Graftor.141172, Gen:Variant.Strictor.72872
100.00%

Emsisoft Anti-Malware
Gen:Variant.Graftor.141172, Gen:Variant.Strictor.72872
100.00%

G Data
Gen:Variant.Graftor.141172, Gen:Variant.Strictor.72872
100.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
100.00%

IKARUS anti.virus
Win32.SuspectCrc, Graftor, PUA.WuJi
100.00%

Malwarebytes
Trojan.Agent
80.00%

McAfee
Artemis!F477A93DCAD1, Artemis!1B6BCD8A3C88, Artemis!574776444F4C, PUP-FNT
80.00%

Trend Micro House Call
TROJ_GEN.F47V0528, Suspicious_GEN.F47V0704, Suspicious_GEN.F47V0617, TROJ_SPNV.03LU14
80.00%

F-Secure
Gen:Variant.Graftor.141172, Gen:Variant.Strictor.72872
80.00%

F-Prot
W32/Zbot.PM.gen
40.00%

Reason Heuristics
Threat.Win.Reputation.IMP
40.00%

Agnitum Outpost
Riskware.Agent
20.00%

Sophos
Generic PUA LO
20.00%

The domain cdn.wuji.com has been seen to resolve to the following 4 IP addresses.

222.186.60.60
September 4, 2014

222.186.60.18
May 31, 2014

222.186.60.28
May 31, 2014

222.186.60.23
May 31, 2014

File downloads found at URLs served by cdn.wuji.com.

20 / 68    (PUP)
http://cdn.wuji.com:6677/wuji/.../???_5268.exe  (setup_867.exe)

13 / 68    (Malware)
http://cdn.wuji.com:6677/wuji/.../setup_4611-19.exe  (setup_3157.exe)

13 / 68    (Malware)
http://cdn.wuji.com:6677/wuji/.../setup_3157.exe  (574776444f4ce882a40d1841fccfddfb)

13 / 68    (Malware)
http://cdn.wuji.com:6677/wuji/.../setup_4130.exe  (setup_304.exe)

13 / 68    (Malware)
http://cdn.wuji.com:6677/wuji/.../??HD_4630.exe  (setup_3157.exe)

11 / 68    (Malware)
http://cdn.wuji.com:6677/wuji/.../setup_3157.exe  (高清观看_4800.exe)

13 / 68    (Malware)
http://cdn.wuji.com:6677//wuji/.../766zy_4771.exe  (setup_3157.exe)

8 / 68      (Malware)
http://cdn.wuji.com:6677/wuji/.../setup_3157.exe  (b8f305467576e32463ae58327a976cd6)

URL:
http://cdn.wuji.com/

Title:
“游戏网站:无极游戏网_最大的游戏门户网站”

Description:
“无极游戏网致力于打造中国最大的游戏网站,主要为游戏玩家提供手机游戏、网页游戏、游戏活动、游戏礼包等资讯,游戏网站实时更新,保证为您提供最新、最好玩的游戏。”

Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)

9415jia.com

yinyue.fm

kan83.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.