The domain files.redkawa.net registered by WHOISGUARD was initially registered in September of 2006 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Atlanta, Georgia within the United States which resides on the RamNode LLC network.
Georgia, United States (US)
Saturday, September 23, 2006
Saturday, September 23, 2017
Friday, January 15, 2016
AS3842 RAMNODE - RamNode LLC, US
Detections (58% detected)
Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant)
PE:PUF.OpenCandy!1.9DE5, Trojan.Win32.Generic.12F93CE6, Trojan.Win32.Generic.13167F1E, PE:PUF.OpenCandy!1.9DE5[F1]
Artemis!8085E77E36C8, Artemis!98F8C4D51CEA, Artemis!6AE08F91ED79, Artemis!373DDA8F64F5, Artemis!FC7A3C3D9D44, Artemis!A0BA694EBF05, Artemis!D3B82CB43BF9, Artemis!CA8A9D8CF959
Opencandy, Trojan.Win32.Generic, OpenCandy (PUA) (not malicious)
McAfee Web Gateway
Artemis!8085E77E36C8, Artemis!98F8C4D51CEA, Artemis!373DDA8F64F5, BehavesLike.Win32.Suspicious.wc
PUP.OpenCandy (M), PUP.OpenCandy.Installer (L)
NSIS.Application.OpenCandy, Win32.Adware.OpenCandy, Win32.Application.OpenCandy
K7 Gateway Antivirus
Dialer , Trojan , Unwanted-Program
Trojan , Unwanted-Program
The domain files.redkawa.net has been seen to resolve to the following 4 IP addresses.
July 23, 2016
April 26, 2014
File downloads found at URLs served by files.redkawa.net.