This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are hosted in Dublin City, Ireland, on the RIPE Network Coordination Centre network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrant:
Financeiro GrupoNZN
Server location:
Dublin City, Ireland (IE)
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.
Scanner detections:
Detections (98% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.NOZEBRANETWORKA.m, PUP.InstallCore.RE (M), PUP.installCore.NOZEBRANETWORKA (M), PUP.InstallCore (M), PUP.OpenCandy (M), PUP.installCore.NOZEBRAN (M), Threat.Win.Reputation.IMP, PUP.installCore (M) | 85.71%
Dr.Web | Adware.InstallCore.53, Adware.InstallCore.43, Adware.InstallCore.75, Adware.InstallCore.76, Adware.InstallCore.72, Adware.InstallCore.80 | 40.82%
VIPRE Antivirus | InstallCore, Adware.InstallCore, Trojan.Win32.Generic, Threat.4150696 | 34.69%
Avira AntiVirus | Adware/Installco.AB, Adware/InstallCo.AB, Adware/Baxia.A, ADWARE/InstallCore.Gen, PUA/InstallCo.AB, Adware/InstallCo.LA, Adware/InstallBai.A | 34.69%
ESET NOD32 | Win32/InstallCore.AY (variant), Win32/InstallCore.BA (variant), Win32/InstallCore.AY potentially unwanted (variant), Win32/InstallCore.AZ (variant) | 34.69%
Vba32 AntiVirus | BScope.Malware-Cryptor.InstallCore.2691, Malware-Cryptor.InstallCore.9 | 32.65%
F-Prot | W32/InstallCore.V2.gen, W32/InstallCore.P.gen, W32/InstallCore.P2.gen | 26.53%
Trend Micro House Call | TROJ_GEN.RCBH1J8, TROJ_GEN.R0CBB01G314, TROJ_GEN.F47V1025, HV_INSTALLBAI_CA082DAB.TOMC, TROJ_GEN.F47V1005, TROJ_GEN.R047C0EC315, TROJ_GEN.FCBCBKH, HV_INSTALLCOR_BL1328C7.TOMC | 26.53%
SUPERAntiSpyware | Adware.InstallCore/Variant, Trojan.Agent/Gen-Artemis, PUP.AdBundle | 24.49%
Comodo Security | ApplicUnwnt.Win32.AdWare.Baxia.A, UnclassifiedMalware | 18.37%
Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 18.37%
NANO AntiVirus | Trojan.Win32.InstallCore.cofivl, Trojan.Win32.InstallCore.cruxxw, Trojan.Win32.InstallCore.cqleod, Trojan.Win32.InstallCore.cqqkpf | 18.37%
Agnitum Outpost | PUA.InstallCore | 16.33%
Fortinet FortiGate | Riskware/InstallCore | 16.33%
K7 AntiVirus | Unwanted-Program, Unwanted-Program, Trojan | 14.29%
The domain dl.baixaki.com.br has been seen to resolve to the following 39 IP addresses.
File downloads found at URLs served by dl.baixaki.com.br.
Latest 30 of 149 download URLs
The following 289 files have been seen to communicate with dl.baixaki.com.br in live environments.
URL:
http://dl.baixaki.com.br/
Google Analytics:
UA-144680
Title:
“Baixaki - Download e Jogos”
Description:
“Baixaki Download - Download de jogos, programas, papéis de parede, aplicativos e mais.”
Network:
Amazon Web Services (AWS)
Web server:
Microsoft-IIS/8.5