pxc-coding.com

Jonas Zimmermann

Domain Information

The domain pxc-coding.com registered by Jonas Zimmermann was initially registered in February of 2012 through GANDI SAS. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Berlin, Berlin within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
GANDI SAS

Server location:
Berlin, Germany (DE)

Create date:
Thursday, February 09, 2012

Expires date:
Friday, February 09, 2018

Updated date:
Friday, December 25, 2015

ASN:
AS6724 STRATO STRATO AG,DE

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.JonasZimmermann.G, PUP.OpenCandy.Installer (L), PUP.JonasZimmermann.Installer (M), PUP.JonasZim.Installer (M), Threat.Win.Reputation.IMP
89.47%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant), Win32/OpenCandy.A potentially unsafe (variant)
52.63%

Sophos
OpenCandy (PUA), PUA 'OpenCandy'
42.11%

K7 Gateway Antivirus
Unwanted-Program
42.11%

K7 AntiVirus
Unwanted-Program
42.11%

Zillya! Antivirus
Adware.OpenCandy.Win32.462, Adware.OpenCandy.Win32.453, Adware.OpenCandy.Win32.456
36.84%

Fortinet FortiGate
Adware/OpenCandy, Riskware/OpenCandy
31.58%

Malwarebytes
PUP.Optional.OpenCandy
26.32%

VIPRE Antivirus
Trojan.Win32.Generic, Opencandy
15.79%

Baidu Antivirus
Adware.Win32.OpenCandy
15.79%

Dr.Web
Adware.OpenCandy.3, Adware.OpenCandy.137
10.53%

AVG
AdLoad.OpenCandy
10.53%

Agnitum Outpost
Riskware.Agent
10.53%

McAfee
Artemis!5886CCF6F969, Artemis!678E540275B1
10.53%

McAfee Web Gateway
BehavesLike.Win32.BadFile.cc, BehavesLike.Win32.BadFile.bc
10.53%

The domain pxc-coding.com has been seen to resolve to the following 3 IP addresses.

December 4, 2015

December 4, 2015

h2002155.stratoserver.net
December 18, 2013

File downloads found at URLs served by pxc-coding.com.

1 / 68      (PUP)

1 / 68      (PUP)

7 / 68      (PUP)

1 / 68      (Malware)
http://pxc-coding.com/downloads/.../Alternative-Flash-Player-Auto-Updater-1.1.0.3-Setup.exe  (alternative-flash-player-auto-updater-1.2.0.1-setup.exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://pxc-coding.com/downloads/.../Alternative-Flash-Player-Auto-Updater-1.1.0.6-Setup.exe  (alternative-flash-player-auto-updater-1.2.0.1-setup.exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7621&vp_edd_act=download&expire=MTQ1ODY1MTEyNg==  (alternative-flash-player-auto-updater-1.2.0.1-setup.exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://pxc-coding.com/downloads/.../Alternative-Flash-Player-Auto-Updater-1.2.0.1-Setup.exe  (alternative-flash-player-auto-updater-1.1.0.3-setup.exe)

6 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

 
Latest 30 of 65 download URLs

The following file have been seen to comunicate with pxc-coding.com in live environments.

May 24, 2016

URL:
http://pxc-coding.com/

Google Analytics:
UA-29164157

Title:
“pXc-coding”

SSL certificate subject:
CN=www.pxc-coding.com, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
Apache (PHP/5.6.19,PleskLin)

Facebook:
Likes:  19
Shares:  24
Comments:  4

Statistics above are for the previous month of August 2017.