home

up.3c-automation.com.cn

Domain Information

Server location:
Virginia, United States (US)

ASN:
AS2914 NTT-COMMUNICATIONS-2914 - NTT America, Inc.,US

Root domain:
3c-automation.com.cn

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

Dr.Web
Adware.TopTools.20, Adware.TopTools.26, Win32.HLLP.Neshta
85.71%

ESET NOD32
Win32/Adware.Eszjuxuan.B application, Win32/Neshta.A virus
71.43%

Reason Heuristics
Adware.Eszjuxuan, PUP.TopTools (M), Adware.Toptools.DB (M)
57.14%

Baidu Antivirus
Win32.Adware.Eszjuxuan
28.57%

VIPRE Antivirus
Threat.4276445
14.29%

F-Prot
W32/HLLP.41472
14.29%

avast!
Win32:Apanas [Trj]
14.29%

F-Secure
Win32.Neshta.A
14.29%

McAfee
Virus.W32/HLLP.41472.e
14.29%

Microsoft Security Essentials
Threat.Undefined
14.29%

AVG
Worm/Delf.FF
14.29%

Norman
Win32.Neshta.A
14.29%

MicroWorld eScan
Gen:Variant.Adware.Razy.63718
14.29%

Bitdefender
Gen:Variant.Adware.Razy.63718
14.29%

Arcabit
Trojan.Adware.Razy.DF8E6
14.29%

The domain up.3c-automation.com.cn has been seen to resolve to the following 2 IP addresses.

165.254.60.146
firewall.systemarts.com
July 2, 2016

205.177.113.34
205-177-113-34.static.pccwglobal.net
May 25, 2016

File downloads found at URLs served by up.3c-automation.com.cn.

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../setup_303hah.exe  (setup_316icr.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../qvod_246g9o.exe  (setup_266lf2.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../game_284tr3.exe  (setup_266lf2.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../qvod_257hae.exe  (setup_316icr.exe)

2 / 68      (PUP)
http://up.3c-automation.com.cn/.../game_284zzi.exe  (e5ec1005c5898e197925ec53b225d5ff)

0 / 68
http://up.3c-automation.com.cn/.../game_284xwe.exe  (d8ff75ad010b8c745824d50d64dfb5b7)

12 / 68    (PUP)
http://up.3c-automation.com.cn/.../setup_277zz6.exe  (game_264a0g.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../setup_316xw6.exe  (game_284f7e.exe)

10 / 68    (Malware)
http://up.3c-automation.com.cn/.../setup_303d4s.exe  (44bbfecccab7ca3da65291b92e8dbb4d)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../setup_277ke5.exe  (setup_266lf2.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../setup_303lfe.exe  (setup_266lf2.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../game_260f7h.exe  (setup_266lf2.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../game_261f7h.exe  (setup_266lf2.exe)

3 / 68      (PUP)
http://up.3c-automation.com.cn/.../setup_303e61.exe  (setup_266lf2.exe)

2 / 68      (PUP)
http://up.3c-automation.com.cn/.../qvod_246qnj.exe  (0f8d91afa4a7692db29739d445998fe7)

The following 8 files have been seen to comunicate with up.3c-automation.com.cn in live environments.

TCP » 165.254.60.146:80
jingling.exe

TCP » 165.254.60.146:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 165.254.60.146:443
jingling.exe

TCP » 165.254.60.146:443
jingling.exe

TCP » 165.254.60.146:80
jingling.exe

TCP » 165.254.60.146:80
jingling.exe

TCP » 165.254.60.146:80
-¸-+¦ª-¸-+¦µ.exe (liuliangbao by www.liuliangbao.cn)

TCP » 165.254.60.146:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 165.254.60.146:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

5ewin.com

cmaxgrc.com

finereport.com

jxsjixie.com

ksbao.com

pcsoftdown.com

upaiyun.com

yunzhuan.com

2144.cn

ad-safe.com

bingyan.asia

doswf.com

hx7987.com

meituan.net

nvjay.com

yupoo.com

zs0597.com

zuimc.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.