cnrdn.com

Zhejiang Alibaba Cloud Computing Ltd. (浙江阿里巴巴云计算有限公司)

Domain Information

The domain cnrdn.com, registered by Zhejiang Alibaba Cloud Computing Ltd. (浙江阿里巴巴云计算有限公司), was first registered in November 2010 through MARKMONITOR INC. The domain is currently known to host various forms of malware. Its servers are located in Hangzhou, Zhejiang, China, on the Asia Pacific Network Information Centre network.

Registrar: MARKMONITOR INC.
Server location: Zhejiang, China (CN)
Create date: Friday, November 05, 2010
Expires date: Sunday, November 05, 2017
Updated date: Monday, October 05, 2015
ASN: AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd.
Google Safe Browsing: malware

Scanner detections:
Malware distribution  (52% detected)

Scan engine | Details | Detections
Trend Micro House Call | ADW_SETAPP, TROJ_GEN.F47V0119, TROJ_GEN.F47V0826, TROJ_GEN.F47V0118, TROJ_GEN.F47V0317, TROJ_GEN.F47V0523, TROJ_GEN.F47V0509 | 61.11%
McAfee | Artemis!87A55CA5C9A1, Artemis!51100B599664, Artemis!409EDD09FB5B, Artemis!C98469800CDC, Artemis!685658F57A4C, Artemis!D16022856F3A, Artemis!87DB0D5F5312, PUP-FNT, Artemis!093F746798DF | 55.56%
McAfee Web Gateway | Artemis!87A55CA5C9A1, Artemis!51100B599664, Artemis!409EDD09FB5B, Heuristic.BehavesLike.Win32.Suspicious-PKR.O, Artemis!685658F57A4C | 55.56%
Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, Signed-Adware.Hao123.BaiduChinaCo | 50.00%
Malwarebytes | Trojan.Downloader.Small, PUP.Optional.ChinAd, Trojan.Agent.NS, PUP.Optional.Chad | 44.44%
IKARUS anti.virus | Trojan.SuspectCRC, Win32.Malware, Win32.SuspectCrc | 33.33%
Antiy Labs AVL | Trojan/Win32.SGeneric, Trojan[Packed]/Win32.Katusha, Trojan/Win32.TSGeneric | 27.78%
Reason Heuristics | Unnamed.Threat.14, PUP.Installer.ShanghaiGaoxinComputerSystemColtd.I, Threat.Win.Reputation.IMP | 22.22%
Norman | Malware | 16.67%
Sophos | Mal/Behav-044, Mal/Emogen-F | 16.67%
F-Prot | W32/SelfStarterInternetTrojan!M, W32/Zbot.PM.gen | 16.67%
avast! | Win32:Malware-gen, Win32:Rootkit-gen [Rtk] | 16.67%
Kingsoft AntiVirus | Win32.Troj.Adspread.Hh.(kcloud), VIRUS_UNKNOWN, Win32.Troj.Agent.a.(kcloud) | 16.67%
MicroWorld eScan | Trojan.Generic.9612330, Gen:Variant.Graftor.141172 | 11.11%
Bitdefender | Trojan.Generic.9612330, Gen:Variant.Graftor.141172 | 11.11%

The domain cnrdn.com has been seen to resolve to the following IP address.

January 8, 2014

File downloads found at URLs served by cnrdn.com.

7 / 68      (Malware)
http://cnrdn.com/9jFD  (setup_4611-19.exe)

0 / 68
http://cnrdn.com/GCR6  (baidusd_onlinesetup_sid_30167_silent.exe)

0 / 68
http://cnrdn.com/DZsD  (setup_3d66a117.exe)

8 / 68      (PUP)
http://cnrdn.com/MX9E  (setup697.exe)

6 / 68      (Malware)
http://cnrdn.com/1IgD  (setup_2tu.cc.exe)

0 / 68
http://cnrdn.com/Ry16  (qiqibox_1006.exe)

1 / 68
http://cnrdn.com/GNZE  (yplds_30321.exe)

2 / 68
http://cnrdn.com/d67E  (setup_3dm.com.exe)

7 / 68      (Malware)
http://cnrdn.com/l4aD  (setup_4323.exe)

0 / 68
http://cnrdn.com/Oic5  (jkdsetup.exe)

15 / 68    (Malware)
http://cnrdn.com/5XSE  (setup_3157.exe)

8 / 68      (PUP)
http://cnrdn.com/cDrD  (setup117.exe)

6 / 68      (Malware)
http://cnrdn.com/7jeD  (setup_4652.exe)

8 / 68      (PUP)
http://cnrdn.com/aDrD  (setup697.exe)

7 / 68      (Malware)
http://cnrdn.com/tZbC  (setup_t002.exe)

7 / 68      (Malware)
http://cnrdn.com/7TbD  (setup_4323.exe)

6 / 68      (Malware)
http://cnrdn.com/h0uC  (高清观看_4012.exe)

7 / 68      (PUP)
http://cnrdn.com/rvoC  (setup_50.exe)

0 / 68
http://cnrdn.com/vJrA  (jlgap.exe)

3 / 68      (Malware)
http://cnrdn.com/Qqv7  (it168kp_a_35068.exe)

1 / 68      (inconclusive)
http://cnrdn.com/lvqC  (setup_t014.exe)

2 / 68
http://cnrdn.com/vhx5  (kuping_s_50718.exe)

16 / 68    (PUP)
http://cnrdn.com/huj5  (setup_open_267.exe)

2 / 68
http://cnrdn.com/B2z5  (kuping_s_50718.exe)

2 / 68
http://cnrdn.com/H1z5  (kuping_s_50718.exe)

2 / 68
http://cnrdn.com/YKv5  (kuping_s_50718.exe)

6 / 68      (Malware)
http://cnrdn.com/QTjA  (高清观看_4012.exe)

3 / 68      (inconclusive)
http://cnrdn.com/ZW76  (setup_33lc.exe)

1 / 68      (inconclusive)
http://cnrdn.com/RHcB  (setup_1934.exe)

URL: http://cnrdn.com/
Web server: Tengine/1.4.1

Facebook:
Likes:  47
Shares:  189
Comments:  35

Statistics above are for the previous month of January 2017.