dl.baixaki.com.br

Financeiro GrupoNZN

Domain Information

This domain has been known to host and distribute adware and other potentially unwanted software. Its servers are located in Dublin City, Ireland, on the RIPE Network Coordination Centre network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Server location:
Dublin City, Ireland (IE)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Scanner detections:
98% detected

Columns: Scan engine, Details, Detections

Reason Heuristics
PUP.NOZEBRANETWORKA.m, PUP.InstallCore.RE (M), PUP.installCore.NOZEBRANETWORKA (M), PUP.InstallCore (M), PUP.OpenCandy (M), PUP.installCore.NOZEBRAN (M), Threat.Win.Reputation.IMP, PUP.installCore (M)
85.71%

Dr.Web
Adware.InstallCore.53, Adware.InstallCore.43, Adware.InstallCore.75, Adware.InstallCore.76, Adware.InstallCore.72, Adware.InstallCore.80
40.82%

VIPRE Antivirus
InstallCore, Adware.InstallCore, Trojan.Win32.Generic, Threat.4150696
34.69%

Avira AntiVirus
Adware/Installco.AB, Adware/InstallCo.AB, Adware/Baxia.A, ADWARE/InstallCore.Gen, PUA/InstallCo.AB, Adware/InstallCo.LA, Adware/InstallBai.A
34.69%

ESET NOD32
Win32/InstallCore.AY (variant), Win32/InstallCore.BA (variant), Win32/InstallCore.AY potentially unwanted (variant), Win32/InstallCore.AZ (variant)
34.69%

Vba32 AntiVirus
BScope.Malware-Cryptor.InstallCore.2691, Malware-Cryptor.InstallCore.9
32.65%

F-Prot
W32/InstallCore.V2.gen, W32/InstallCore.P.gen, W32/InstallCore.P2.gen
26.53%

Trend Micro House Call
TROJ_GEN.RCBH1J8, TROJ_GEN.R0CBB01G314, TROJ_GEN.F47V1025, HV_INSTALLBAI_CA082DAB.TOMC, TROJ_GEN.F47V1005, TROJ_GEN.R047C0EC315, TROJ_GEN.FCBCBKH, HV_INSTALLCOR_BL1328C7.TOMC
26.53%

SUPERAntiSpyware
Adware.InstallCore/Variant, Trojan.Agent/Gen-Artemis, PUP.AdBundle
24.49%

Jiangmin
Trojan/Generic.axddl, Backdoor/Huigezi.2007.aguz, Trojan/Generic.awqun
22.45%

Comodo Security
ApplicUnwnt.Win32.AdWare.Baxia.A, UnclassifiedMalware
18.37%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Generic.v.(kcloud)
18.37%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
18.37%

NANO AntiVirus
Trojan.Win32.InstallCore.cofivl, Trojan.Win32.InstallCore.cruxxw, Trojan.Win32.InstallCore.cqleod, Trojan.Win32.InstallCore.cqqkpf
18.37%

Agnitum Outpost
PUA.InstallCore
16.33%

The domain dl.baixaki.com.br has been seen to resolve to the following 39 IP addresses.


File downloads found at URLs served by dl.baixaki.com.br.

1 / 68      (Adware)

8 / 68      (PUP)

18 / 68    (Adware)

8 / 68      (PUP)

1 / 68      (Adware)

15 / 68    (PUP)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../bsplayer-263-build-1071-baixaki-32-bits.exe  (icreinstall_bsplayer-263-build-1071-baixaki-32-bits.exe)

1 / 68      (Adware)

6 / 68      (Adware)

7 / 68      (Adware)

1 / 68      (Adware)

8 / 68      (PUP)

1 / 68      (Adware)

5 / 68      (Adware)

1 / 68      (Malware)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../point-blank-20-baixaki-32-bits.exe  (icreinstall_point-blank-20-baixaki-32-bits.exe)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

8 / 68      (PUP)

9 / 68      (PUP)

1 / 68      (Malware)

23 / 68    (PUP)

 
Latest 30 of 149 download URLs

The following 289 files have been seen to communicate with dl.baixaki.com.br in live environments.

 
Latest 20 of 314 files

URL:
http://dl.baixaki.com.br/

Google Analytics:
UA-144680

Title:
“Baixaki - Download e Jogos”

Description:
“Baixaki Download - Download de jogos, programas, papéis de parede, aplicativos e mais.”

Network:
Amazon Web Services (AWS)

Web server:
Microsoft-IIS/8.5