home

dl.baixaki.com.br

Financeiro GrupoNZN

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the RIPE Network Coordination Centre network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Server location:
Dublin City, Ireland (IE)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:
baixaki.com.br

Whois:
2 baixaki.com.br records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.NOZEBRANETWORKA.m, PUP.InstallCore.RE (M), PUP.installCore.NOZEBRANETWORKA (M), PUP.InstallCore (M), PUP.OpenCandy (M), PUP.installCore.NOZEBRAN (M), Threat.Win.Reputation.IMP, PUP.installCore (M)
85.71%

Dr.Web
Adware.InstallCore.53, Adware.InstallCore.43, Adware.InstallCore.75, Adware.InstallCore.76, Adware.InstallCore.72, Adware.InstallCore.80
40.82%

VIPRE Antivirus
InstallCore, Adware.InstallCore, Trojan.Win32.Generic, Threat.4150696
34.69%

Avira AntiVirus
Adware/Installco.AB, Adware/InstallCo.AB, Adware/Baxia.A, ADWARE/InstallCore.Gen, PUA/InstallCo.AB, Adware/InstallCo.LA, Adware/InstallBai.A
34.69%

ESET NOD32
Win32/InstallCore.AY (variant), Win32/InstallCore.BA (variant), Win32/InstallCore.AY potentially unwanted (variant), Win32/InstallCore.AZ (variant)
34.69%

Vba32 AntiVirus
BScope.Malware-Cryptor.InstallCore.2691, Malware-Cryptor.InstallCore.9
32.65%

F-Prot
W32/InstallCore.V2.gen, W32/InstallCore.P.gen, W32/InstallCore.P2.gen
26.53%

Trend Micro House Call
TROJ_GEN.RCBH1J8, TROJ_GEN.R0CBB01G314, TROJ_GEN.F47V1025, HV_INSTALLBAI_CA082DAB.TOMC, TROJ_GEN.F47V1005, TROJ_GEN.R047C0EC315, TROJ_GEN.FCBCBKH, HV_INSTALLCOR_BL1328C7.TOMC
26.53%

SUPERAntiSpyware
Adware.InstallCore/Variant, Trojan.Agent/Gen-Artemis, PUP.AdBundle
24.49%

Comodo Security
ApplicUnwnt.Win32.AdWare.Baxia.A, UnclassifiedMalware
18.37%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
18.37%

NANO AntiVirus
Trojan.Win32.InstallCore.cofivl, Trojan.Win32.InstallCore.cruxxw, Trojan.Win32.InstallCore.cqleod, Trojan.Win32.InstallCore.cqqkpf
18.37%

Agnitum Outpost
PUA.InstallCore
16.33%

Fortinet FortiGate
Riskware/InstallCore
16.33%

K7 AntiVirus
Unwanted-Program, Unwanted-Program , Trojan
14.29%

The domain dl.baixaki.com.br has been seen to resolve to the following 39 IP addresses.

169.45.117.93
5d.75.2da9.ip4.static.sl-reverse.com
May 17, 2016

107.154.113.89
107.154.113.89.ip.incapdns.net
May 15, 2016

107.154.112.89
107.154.112.89.ip.incapdns.net
May 15, 2016

184.28.17.226
a184-28-17-226.deploy.static.akamaitechnologies.com
April 17, 2016

65.158.47.32
April 4, 2016

65.158.47.27
April 4, 2016

184.28.17.187
a184-28-17-187.deploy.static.akamaitechnologies.com
April 1, 2016

23.62.7.19
a23-62-7-19.deploy.static.akamaitechnologies.com
February 21, 2016

23.62.7.65
a23-62-7-65.deploy.static.akamaitechnologies.com
February 21, 2016

184.51.126.105
a184-51-126-105.deploy.static.akamaitechnologies.com
February 14, 2016

184.51.126.83
a184-51-126-83.deploy.static.akamaitechnologies.com
February 11, 2016

184.51.126.82
a184-51-126-82.deploy.static.akamaitechnologies.com
February 11, 2016

23.0.160.83
a23-0-160-83.deploy.static.akamaitechnologies.com
February 11, 2016

184.28.17.160
a184-28-17-160.deploy.static.akamaitechnologies.com
February 8, 2016

184.28.17.210
a184-28-17-210.deploy.static.akamaitechnologies.com
February 8, 2016

168.143.242.234
January 30, 2016

168.143.242.224
January 30, 2016

184.51.126.59
a184-51-126-59.deploy.static.akamaitechnologies.com
January 30, 2016

184.51.126.51
a184-51-126-51.deploy.static.akamaitechnologies.com
January 30, 2016

23.0.160.25
a23-0-160-25.deploy.static.akamaitechnologies.com
January 28, 2016

23.0.160.42
a23-0-160-42.deploy.static.akamaitechnologies.com
January 28, 2016

54.231.18.144
s3-1.amazonaws.com
June 30, 2015

54.231.14.160
s3-1.amazonaws.com
May 15, 2015

54.231.18.8
s3-1.amazonaws.com
May 6, 2015

54.231.16.32
s3-1.amazonaws.com
February 1, 2015

54.231.17.24
s3-1.amazonaws.com
January 25, 2015

54.231.16.184
s3-1.amazonaws.com
December 26, 2014

54.231.8.224
s3-1.amazonaws.com
December 1, 2014

54.231.2.64
s3-1.amazonaws.com
October 24, 2014

54.231.16.96
s3-1.amazonaws.com
October 20, 2014

 
Showing 30 of 39 IP Addresses

File downloads found at URLs served by dl.baixaki.com.br.

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../safari-517-baixaki-32-bits.exe  (5b806d48dcd29d26f6052441c98bd9f9)

7 / 68      (PUP)
http://dl.baixaki.com.br/programas/.../maxthon-3452000-baixaki-32-bits.exe  (31c25bbf3ec8129795b3d8a81c53432f)

16 / 68    (Adware)
http://dl.baixaki.com.br/programas/.../photoscape-362-baixaki-32-bits-21920121166.exe  (photoscape-362-baixaki-32-bits-2892012101036.exe)

8 / 68      (PUP)
http://dl.baixaki.com.br/programas/.../picasa-39-build-13612-baixaki-32-bits.exe  (2ff466c88659160a37971c8fca28d75d)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../orbit-downloader-4111-baixaki-32-bits.exe  (536c44fe32aca896f66bbd517893dcd5)

13 / 68    (PUP)
http://dl.baixaki.com.br/programas/.../ares-galaxy-2193043-baixaki-32-bits.exe  (9e8537738e3960b9ac9ae2480a0731ec)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../bsplayer-263-build-1071-baixaki-32-bits.exe  (icreinstall_bsplayer-263-build-1071-baixaki-32-bits.exe)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../xnview-1991-baixaki-32-bits.exe  (92c570beb951146e09c1a00f206eb2c0)

0 / 68
http://dl.baixaki.com.br/programas/.../any-audio-converter-338-baixaki-32-bits.exe  (06dbbb0f42ce033c1a43989e5cf92c73)

6 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../counter-strike-2d-0121-baixaki-32-bits.exe  (7210b02d39fd7860641441f725f97381)

7 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../gta-san-andreas-girls-screensaver-10-baixaki-32-bits.exe  (78ee3c1b0c360d9b55a2b30aec045908)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../any-video-converter-352-baixaki-32-bits.exe  (8612a8bd8d70289b88ae487aff0bfc8a)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../free-youtube-to-mp3-converter-31131917-baixaki-32-bits.exe  (c6d4e2d44ebaaefddf48adf9df2efe9d)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../free-download-manager-39-build-1249-baixaki-32-bits-1810201219659.exe  (adaedb4f8ba8ab594513623ab02bae2e)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../warcraft-iii-the-frozen-throne-patch-126a-baixaki-32-bits.exe  (8101b41e3c9bef720344b3571e568794)

8 / 68      (PUP)
http://dl.baixaki.com.br/programas/.../makeup-pilot-452-baixaki-32-bits-4102012121744.exe  (d2ad6722ce0614e9914b7cc22e7ba05b)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../dreamule-32-baixaki-32-bits.exe  (033d25be644135c7b82bf502760c4eb5)

5 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../virtual-dj-home-free-705-baixaki-32-bits.exe  (053f75a15fac49be92e7cbb21d5f547a)

1 / 68      (Malware)
http://dl.baixaki.com.br/programas/.../gom-player-21435119-baixaki-32-bits.exe  (29d1dde0cd94de89d68c1e4535f83355)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../point-blank-20-baixaki-32-bits.exe  (icreinstall_point-blank-20-baixaki-32-bits.exe)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../any-video-converter-356-baixaki-32-bits.exe  (6ac60458f366a761c7bf34a11871213a)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../songr-1958-baixaki-32-bits-4102012124845.exe  (aa956adcdee39905611a174d23463979)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../free-youtube-download-3134903-baixaki-32-bits.exe  (543da89b024bfe34e2a3a72ff41ebc2b)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../download-accelerator-plus-10044-baixaki-32-bits.exe  (801d061ffb795efdcc2632c671bd313c)

1 / 68      (Adware)
http://dl.baixaki.com.br/programas/.../convertxtodvd-50026-baixaki-32-bits.exe  (6221ac5820a9ee621194f11b944dbfec)

7 / 68      (PUP)
http://dl.baixaki.com.br/programas/.../msn-messenger-75--baixaki-32-bits.exe  (51c20ca4403cfe78ffe327c946e1368b)

8 / 68      (PUP)
http://dl.baixaki.com.br/programas/.../ares-music-331-baixaki-32-bits.exe  (8f1b6e481f6aa79b5ce52bb820b1df23)

1 / 68      (Malware)
http://dl.baixaki.com.br/programas/.../d-book-40-avancado-baixaki-32-bits.exe  (468b63628e70a180a24e287093b25746)

19 / 68    (PUP)
http://dl.baixaki.com.br/programas/.../atube-catcher-291347-baixaki-32-bits.exe  (ec401959610a59c88c9c67f135d232f1)

21 / 68    (PUP)
http://dl.baixaki.com.br/programas/.../messenger-plus--live-5500761-baixaki-32-bits-18102012185644.exe  (34c17ed7f6b825a171adc1abfcbdfe75)

 
Latest 30 of 149 download URLs

The following 289 files have been seen to comunicate with dl.baixaki.com.br in live environments.

TCP » 107.154.113.89:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 184.51.126.82:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.82:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 169.45.117.93:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 107.154.112.89:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 184.51.126.59:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
messengertime.exe

TCP » 169.45.117.93:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 184.51.126.82:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
whatsapptime.exe

TCP » 184.51.126.83:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 169.45.117.93:80
browser.exe (Speed Browser by Smart Applications)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 314 files

URL:
http://dl.baixaki.com.br/

Google Analytics:
UA-144680

Title:
“Baixaki - Download e Jogos”

Description:
“Baixaki Download - Download de jogos, programas, papis de parede, aplicativos e mais.”

Network:
Amazon Web Services (AWS)

Web server:
Microsoft-IIS/8.5

akamaized.net

ibxk.com.br

megacurioso.com.br

nozebra.com.br

nzn.me

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.