esd.nzs.com.br

Financeiro GrupoNZN

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.
Server location:
Massachusetts, United States (US)

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:

Scanner detections:
Detections  (94% detected)

Scan engine | Details | Detections
Reason Heuristics | PUP.Binstall.W, PUP.Binstall.a, PUP.installCore.Binstall (M), PUP.Softonic.Bundler (M), PUP.installCore (M), PUP.InstallCore.EST (M), PUP.aTubeCatcher (L), PUP.installCore.ISBRInst (M) | 93.75%
Dr.Web | Trojan.Packed.25266, Trojan.InstallCore.1903 | 10.42%
VIPRE Antivirus | InstallCore.b, Trojan.Win32.Generic, Threat.4837543 | 10.42%
ESET NOD32 | Win32/InstallCore.ND (variant), Win32/InstallCore.NZ (variant) | 8.33%
Fortinet FortiGate | Riskware/InstallCore | 8.33%
McAfee | Artemis!C2C80176C556, Artemis!50A9FAFDA8FF, Artemis!6D3E7AFEAE6D | 6.25%
McAfee Web Gateway | Artemis!C2C80176C556, Artemis!50A9FAFDA8FF, Artemis!6D3E7AFEAE6D | 6.25%
herdProtect (fuzzy) | a variant of 8772c715400a09c7f558eedd934d136fcbb49eb7 | 4.17%
Malwarebytes | PUP.Optional.InstallCore.A, PUP.Optional.Installcore | 4.17%
Trend Micro House Call | TROJ_GEN.F47V0418, TROJ_GEN.F47V0521 | 4.17%
Sophos | Install Core Click run software | 4.17%
Comodo Security | Application.Win32.InstallCore.~ND, Application.Win32.Installcore.IO | 4.17%
Vba32 AntiVirus | Downware.InstallCore | 4.17%
Agnitum Outpost | PUA.InstallCore | 2.08%
K7 Gateway Antivirus | Unwanted-Program | 2.08%

The domain esd.nzs.com.br has been seen to resolve to the following 38 IP addresses.

File downloads found at URLs served by esd.nzs.com.br.

1 / 68      (PUP)
http://esd.nzs.com.br/programas/.../912-aTubeCatcher.exe  (8663aafec3cbbf367c68d7cfc9662896)

5 / 68      (Adware)
http://esd.nzs.com.br/programas/20518/.../mozilla-firefox-280-32-bits.exe  (icreinstall_mozilla-firefox-280-32-bits.exe)

 
Latest 30 of 769 download URLs

The following 707 files have been seen to communicate with esd.nzs.com.br in live environments.

 
Latest 20 of 730 files

URL:
http://esd.nzs.com.br/

Web server:
Apache