dll.zhonghuchina.com

tianyucai

Domain Information

The domain dll.zhonghuchina.com, registered by tianyucai, was first registered in December 2015 through HANGZHOU AIMING NETWORK CO.,LTD. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Tianjin, China, on the Asia Pacific Network Information Centre network.

Registrar:
22NET, INC.

Server location:
Tianjin, China (CN)

Create date:
Thursday, December 10, 2015

Expires date:
Saturday, December 10, 2016

Updated date:
Thursday, December 10, 2015

ASN:
AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone,CN

Root domain:

Scanner detections:
Detections  (67% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Clam AntiVirus | Win.Trojan.691128 | 100.00% |
| Dr.Web | Trojan.KillFiles.28526 | 100.00% |
| McAfee | Artemis!715698FF9659, Artemis!032F86F10013 | 66.67% |
| NANO AntiVirus | Riskware.Win32.ShouQu.dmnfjx | 66.67% |
| ESET NOD32 | Win32/Packed.NSISmod.A suspicious (variant) | 66.67% |
| avast! | Win32:Malware-gen | 66.67% |
| Fortinet FortiGate | W32/Generic.AC.18053 | 66.67% |
| Baidu Antivirus | Hacktool.Win32.NSISmod | 33.33% |
| ESET NOD32 | Win32/Packed.NSISmod.A suspicious application | 33.33% |
| AegisLab AV Signature | Troj.Generic | 33.33% |
| AhnLab V3 Security | PUP/Win32.ShortCut | 33.33% |

The domain dll.zhonghuchina.com has been seen to resolve to the following 6 IP addresses.

February 22, 2016

February 22, 2016

no-data
February 22, 2016

no-data
February 22, 2016

no-data
February 22, 2016

254.255.221.60.adsl-pool.sx.cn
February 22, 2016

File downloads found at URLs served by dll.zhonghuchina.com.

9 / 68      (PUP)

3 / 68      (inconclusive)

8 / 68      (PUP)

URL:
http://dll.zhonghuchina.com/

Web server:
Microsoft-IIS/6.0 (ASP.NET)