home

dl1.ms-technology-inc.com

MS Technology Inc.

Domain Information

The domain dl1.ms-technology-inc.com registered by MS Technology Inc. was initially registered in December of 2013 through 1 & 1 INTERNET AG. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Ohio within the United States which resides on the RIPE Network Coordination Centre network.
Registrar:
1&1 INTERNET SE

Server location:
Ohio, United States (US)

Create date:
Saturday, December 7, 2013

Expires date:
Wednesday, December 7, 2016

Updated date:
Saturday, February 13, 2016

ASN:
AS60068 CDN77 Datacamp Limited,GB

Root domain:
ms-technology-inc.com

Whois:
4 ms-technology-inc.com records

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.CompuClever.Optional.Installer.Meta (L), PUP.DownloadFileOpener.MSTechno.Meta (M)
83.33%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
16.67%

F-Secure
Application:W32/Generic.70053c248f!Online
16.67%

Bkav FE
W32.HfsAdware
16.67%

Dr.Web
riskware program Program.Unwanted.728
16.67%

The domain dl1.ms-technology-inc.com has been seen to resolve to the following 17 IP addresses.

185.59.223.27
new-york-20.cdn77.com
May 26, 2016

185.59.223.28
new-york-20.cdn77.com
May 18, 2016

185.59.223.29
new-york-20.cdn77.com
April 16, 2016

185.59.223.21
new-york-20.cdn77.com
April 15, 2016

185.93.0.27
atlanta-4.cdn77.com
April 13, 2016

185.93.0.16
atlanta-3.cdn77.com
April 12, 2016

185.59.223.26
new-york-20.cdn77.com
February 27, 2016

185.59.223.22
new-york-20.cdn77.com
February 21, 2016

185.59.223.24
new-york-2.cdn77.com
February 20, 2016

185.59.223.23
new-york-20.cdn77.com
January 3, 2016

185.93.1.12
chicago-4.cdn77.com
May 5, 2015

37.235.107.13
dallas-2.cdn77.com
May 5, 2015

185.59.223.19
unn-185-59-223-19.cdn77.com
April 7, 2015

37.235.109.13
chicago-4.cdn77.com
December 2, 2014

37.235.108.13
lax-2.cdn77.com
September 7, 2014

37.235.109.10
chicago-4.cdn77.com
September 5, 2014

46.234.113.57
atlanta-4.cdn77.com
September 5, 2014

File downloads found at URLs served by dl1.ms-technology-inc.com.

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_arrset_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_mcmeta_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_xapk_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_pst_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_json_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_apk_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_dmg_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_mf_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_jar_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_gho_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_picasa-thumbsindex_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_rar_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_who'syourdady_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_aboutblank_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_map_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_docx_.exe  (ss2dcsmd.exe)

3 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_class_.exe  (ss2dcsmd.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/videoplayerconverter_setup.exe  (setup_videoplayer.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_exe_.exe  (dfo_setup_frg_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_iif_.exe  (dfo_setup_frg_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_fgd_.exe  (dfo_setup_frg_.exe)

2 / 68      (false positives)
http://dl1.ms-technology-inc.com/dfo_setup_properties_.exe  (wrar420.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_blend_.exe  (dfo_setup_frg_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_tmp_.exe  (dfo_setup_21w_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/downloadfileopener_setup.exe  (downloadfileopener_setup_rar_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_wps_.exe  (dfo_setup_21w_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_dll_.exe  (dfo_setup_21w_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_dav_.exe  (dfo_setup_21w_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_7z_.exe  (dfo_setup_21w_.exe)

1 / 68      (PUP)
http://dl1.ms-technology-inc.com/dfo_setup_flac_.exe  (dfo_setup_21w_.exe)

 
Latest 30 of 37 download URLs

The following 20 files have been seen to comunicate with dl1.ms-technology-inc.com in live environments.

TCP » 185.59.223.24:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.59.223.26:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 185.59.223.28:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.59.223.26:443
jingling.exe

TCP » 185.59.223.24:443
beaglebrowser.exe (BeagleBrowser by The BeagleBrowser Authors)

TCP » 185.59.223.24:443
mustang.exe (Mustang Browser by Rafotech)

TCP » 185.59.223.24:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.59.223.24:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.59.223.29:443
vosteran.exe

TCP » 185.59.223.29:443
crossbrowse.exe (Crossbrowse)

TCP » 185.59.223.24:443
online-guardian-v2.0.9.exe

TCP » 185.59.223.26:80
Client.exe

TCP » 185.59.223.27:443
online-guardian-v2.0.9.exe

TCP » 185.59.223.29:443
client.exe

TCP » 185.59.223.29:443
bobrowser.exe (BoBrowser by The BoBrowser Authors)

TCP » 185.59.223.29:443
crossbrowse.exe (Crossbrowse)

TCP » 185.59.223.23:80
Launcher.exe (AuraKingdom.to Online by AuraKingdom.To)

TCP » 185.59.223.24:80
browser.exe (Browser)

TCP » 185.59.223.24:443
online-guardian-v2.0.9.exe

TCP » 185.59.223.26:80
unicobrowser.exe (Unico Browser by The Unico Browser Authors)

 
Latest 20 of 33 files

URL:
http://dl1.ms-technology-inc.com/

Web server:
CDN77-Turbo (PHP/5.3.29)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.