home

chaosium.com

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain chaosium.com is registered by proxy through Network Solutions, LLC and was originally registered in October of 1996. Currently this domain has been known to host various forms of malware. The hosted servers are located in Washington, District of Columbia within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
Network Solutions, LLC

Server location:
District of Columbia, United States (US)

Create date:
Tuesday, October 22, 1996

Expires date:
Friday, October 21, 2022

Updated date:
Friday, June 27, 2014

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Whois:
2 chaosium.com records

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Qihoo 360 Security
HEUR/Malware.QVM19.Gen, HEUR/Malware.QVM10.Gen, Win32/Trojan.Multi.daf, Win32/Backdoor.117, Win32/Trojan.e6d, Win32/Trojan.c27
93.33%

Trend Micro House Call
TROJ_GEN.F47V0128, TROJ_GEN.F47V0131, TROJ_GEN.F47V0203, TROJ_GEN.F47V0124, TROJ_SPNR.06B414, TROJ_SPNR.06AR14, TROJ_SPNR.06BE14
86.67%

Kaspersky
Trojan.Win32.Agent, Trojan.Win32.Yakes, HEUR:Trojan.Win32.Generic, Trojan.Win32.Inject, Trojan-Spy.Win32.Zbot
86.67%

McAfee
Artemis!1E60C5FF84E5, BackDoor-FBRK!85861148F29B, Artemis!ADDE2AF3B122, Dowloader-FEX, PWSZbot-FRH!807B7CA64A39, PWSZbot-FRH!3DFD00525D71
86.67%

Emsisoft Anti-Malware
Trojan.GenericKD.1536484, Trojan.GenericKD.1547970, Trojan.GenericKD.1515739, Trojan.Inject.APV, Gen:Variant.Adware.Symmi.38378
86.67%

ESET NOD32
Win32/Kryptik.BUBT (variant), Win32/Injector.AWZH (variant), Win32/Napolar, Win32/Injector.AWDE (variant), Win32/Injector.AWOF (variant)
86.67%

Baidu Antivirus
HackTool.Win32.Packer, Trojan.Win32.Agent, Trojan.Win32.Injector, Trojan.Win32.Napolar, Trojan.Win32.Zbot
80.00%

MicroWorld eScan
Trojan.GenericKD.1536484, Trojan.GenericKD.1547970, Trojan.GenericKD.1515739, Trojan.Inject.APV, Gen:Variant.Adware.Symmi.38378
80.00%

Bitdefender
Trojan.GenericKD.1536484, Trojan.GenericKD.1547970, Trojan.GenericKD.1515739, Trojan.Inject.APV, Gen:Variant.Adware.Symmi.38378
80.00%

Lavasoft Ad-Aware
Trojan.GenericKD.1536484, Trojan.GenericKD.1547970, Trojan.GenericKD.1515739, Trojan.Inject.APV, Gen:Variant.Adware.Symmi.38378
80.00%

VIPRE Antivirus
Trojan.Win32.Generic, Trojan.Win32.Fareit.if, Worm.Win32.Dorkbot.b, Threat.4150696, Trojan.Win32.Injector.awxd
80.00%

G Data
Trojan.GenericKD.1536484, Trojan.GenericKD.1547970, Trojan.GenericKD.1515739, Trojan.Inject.APV, Gen:Variant.Adware.Symmi.38378
80.00%

Malwarebytes
Trojan.Inject.ED, Spyware.Zbot, Trojan.Injector.ED, Spyware.ZeuS, Trojan.Zbot, Trojan.Agent.ED, Spyware.Zbot.ED
80.00%

Microsoft Security Essentials
Trojan:Win32/Napolar.A, VirTool:Win32/CeeInject, Trojan:Win32/Bulta!rfn, VirTool:Win32/Injector.EP, Threat.Undefined
80.00%

Comodo Security
UnclassifiedMalware, TrojWare.Win32.Injector.AWLZ, TrojWare.Win32.Injector.AYNT, TrojWare.Win32.Injector.AWMK, Backdoor.Win32.Androm.CXV
73.33%

The domain chaosium.com has been seen to resolve to the following 3 IP addresses.

192.200.184.61
August 19, 2014

174.36.193.88
chaosium.com
May 30, 2014

209.213.127.16
chaosium.com
April 4, 2014

File downloads found at URLs served by chaosium.com.

36 / 68    (Malware)
http://chaosium.com/?1cgqoqe2sg=0561a3d1f865c822a4d499cd  (video_player_upgrade.exe)

34 / 68    (Malware)
http://chaosium.com/?cw8rinrx1=13cb036299  (video_player_upgrade.exe)

6 / 68      (Malware)
http://chaosium.com/?1oqrqd7o7n=7f0713cbeafac  (video_player_upgrade.exe)

7 / 68      (Malware)
http://chaosium.com/?ji7hr05=8181aecb3566c  ({800e6ae9-2934-8564-b224-bab1800e6ae9}.exe)

34 / 68    (Malware)
http://chaosium.com/?fqobxe1mdb=4e1baef0b2c100bf  (video_player_upgrade.exe)

34 / 68    (PUP)
http://chaosium.com/?swoaz4ba2ictw=d3628f974f3f  (video_player_upgrade.exe)

36 / 68    (Malware)
http://chaosium.com/?nlvh8h=f728db508  (video_upgrader.exe)

36 / 68    (Malware)
http://chaosium.com/?afr5g99=fd0c4f699b29202  (video_player_upgrade.exe)

40 / 68    (Malware)
http://chaosium.com/?5o4fx14vo3d97d=9f4673a55d0  (video_player_upgrade.exe)

6 / 68      (Malware)
http://chaosium.com/?g8nz4vfi6cx0afbe=5d2171  (video_player_upgrade.exe)

35 / 68    (PUP)
http://chaosium.com/?rmc2pnm=3fcc116eeec78f271331a0d5  (video_player_upgrade.exe)

6 / 68      (Malware)
http://chaosium.com/?5neub4lx62j=b91f4b4368f8d5479bccc7f1  ({5412b260-8eb8-14dc-a5a9-bf285412b260}.exe)

34 / 68    (Malware)
http://chaosium.com/?oyfhsm=d7f747  (video_player_upgrade.exe)

34 / 68    (Malware)
http://chaosium.com/?lta3z6x2mwan43=092ee92af37a682da0  (video_player_upgrade.exe)

36 / 68    (Malware)
http://chaosium.com/?feg91vg3og1ccc=4dac0983  (video_player_upgrade.exe)

20 / 68    (Malware)
http://chaosium.com/?nxk7airun4u8wnp=f8c9e73daad6a704cff2  ({d5d45d37-b62d-81ee-c3b9-1609d5d45d37}.exe)

29 / 68    (Malware)
http://chaosium.com/?8aiqwpziyugp=988a3d5266863  ({d3828b7b-524d-bab8-1c48-7610d3828b7b}.exe)

17 / 68    (Malware)
http://chaosium.com/?odsent7f6=eccb031692ed8c8b3e5a  (video_player_upgrade.exe)

April 4, 2014
catalog.chaosium.com

URL:
http://chaosium.com/

Title:
“Chaosium Inc.”

Description:
“A publisher of books and games since 1975”

SSL certificate subject:
CN=www.chaosium.com, O=Chaosium Inc., L=Hayward, S=California, C=US, SERIALNUMBER=C0951605, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US

SSL certificate issuer:
CN=GeoTrust EV SSL CA - G4, O=GeoTrust Inc., C=US

Web server:
nginx

Facebook:
Likes:  1,585
Shares:  503
Comments:  318

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.