home

northstar-tg.com

NORTHSTAR TECHNOLOGY GROUP, INC.

Domain Information

The domain northstar-tg.com registered by NORTHSTAR TECHNOLOGY GROUP, INC. was initially registered in January of 2000 through GODADDY.COM, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Friday, January 28, 2000

Expires date:
Thursday, January 28, 2016

Updated date:
Monday, April 27, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Whois:
1 northstar-tg.com record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Bkav FE
W32.Clod824.Trojan
100.00%

McAfee
Artemis!F3D39015A7B3
100.00%

K7 AntiVirus
Riskware
100.00%

NANO AntiVirus
Trojan.Win32.Generic.bvvhil
100.00%

Trend Micro House Call
TROJ_GEN.R0CBH05L913
100.00%

Kaspersky
not-a-virus:RemoteAdmin.Win32.WinVNC-based
100.00%

SUPERAntiSpyware
Trojan.Agent/Gen-Injector
100.00%

Comodo Security
UnclassifiedMalware
100.00%

Dr.Web
BACKDOOR.Trojan
100.00%

VIPRE Antivirus
Trojan.Win32.Generic
100.00%

Vba32 AntiVirus
Trojan.VB.Nop.ve
100.00%

Rising Antivirus
PE:Trojan.Win32.Generic.1261AC4E!308390990
100.00%

Baidu Antivirus
HackTool.Win32.WinVNC
100.00%

The domain northstar-tg.com has been seen to resolve to the following IP address.

184.168.221.16
ip-184-168-221-16.ip.secureserver.net
December 15, 2015

File downloads found at URLs served by northstar-tg.com.

13 / 68    (Malware)
http://northstar-tg.com/chad.exe  (f3d39015a7b33f2e5207c144730a18fa)

The following 7 files have been seen to comunicate with northstar-tg.com in live environments.

TCP » 184.168.221.16:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.168.221.16:80
online-guardian-v2.0.9.exe

TCP » 184.168.221.16:80
debug.exe (BlueStacks by BlueStack Systems)

TCP » 184.168.221.16:25
www.exe

TCP » 184.168.221.16:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 184.168.221.16:587
w.exe

TCP » 184.168.221.16:25
hesycasocybi.exe

URL:
http://northstar-tg.com/

Google Analytics:
UA-50346806

Title:
“Technology Company, Fargo, Dickinson, Bismarck ND”

Description:
“NorthStar provides Technology Support, Planning and Management to healthcare, energy, real estate, construction in north Dakota and Minnesota and U.S.A”

Web server:
Apache/2.2.22 (Debian) (PHP/5.4.41-0+deb7u1)

Facebook:
Likes:  7
Shares:  15

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.