The domain down.ruanmei.com, registered by Zhangkai, was first registered in May 2006 through 35 TECHNOLOGY CO., LTD. The domain is known to host and distribute adware and other potentially unwanted software. Its hosting servers are located in Hangzhou, Zhejiang, China, on the Asia Pacific Network Information Centre network.
35 TECHNOLOGY CO., LTD
Zhejiang, China (CN)
Thursday, May 04, 2006
Thursday, May 04, 2017
Tuesday, March 25, 2014
AS4134 CHINANET-BACKBONE No.31,Jin-rong Street,CN
Detections (93% detected)
PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.R, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.S, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.X, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.Q, PUP.QingdaoRuanmeiNetworkTechnology.Installer (M)
PE:Trojan.Win32.Generic.1293B169!311669097, PE:Worm.Autorun!1.9EE3, PE:Malware.XPACK/RDM!5.1
Artemis!83CE39AD3562, Artemis!A65FFC4B0913, Artemis!753032EC4D62, Artemis!0A237B244A59, Artemis!6C6B2676C944, Artemis!0E24B43D932B, Artemis!71D3CB1A708C
Trojan.Moky.19, Trojan.Carberp.1395, Trojan.Siggen4.45560, DLOADER.Trojan
McAfee Web Gateway
Artemis!83CE39AD3562, Artemis!A65FFC4B0913, Artemis!753032EC4D62, Artemis!0A237B244A59
suspected of Trojan.Downloader.gen.h, BScope.Trojan.Agent
Trend Micro House Call
TROJ_GEN.F47V0527, Suspicious_GEN.F47V0330, Suspicious_GEN.F47V0419
Address Tool Bar
Win32/MyDesk.A potentially unwanted
The domain down.ruanmei.com has been seen to resolve to the following 7 IP addresses.
File downloads found at URLs served by down.ruanmei.com.