home

www.kongyunbao.com

Yang Changyin

Domain Information

The domain www.kongyunbao.com registered by Yang Changyin was initially registered in July of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Philadelphia, Pennsylvania within the United States which resides on the Enzu Inc network.
Registrar:
PREMIERENAME.CA INC.

Server location:
Pennsylvania, United States (US)

Create date:
Friday, July 25, 2014

Expires date:
Tuesday, July 25, 2017

Updated date:
Saturday, December 5, 2015

ASN:
AS18978 ENZUINC-US - Enzu Inc, US

Root domain:
kongyunbao.com

Whois:
5 kongyunbao.com records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DeskToolsSoft (L), PUP.Softpulse.PluginUp.Bundler (M), PUP.Air Software.Installe.Installer (M), PUP.Softpulse.PLUGINUP.Bundler (M), PUP.Adknowledge.SafeDown.Bundler (M), PUP.Adknowledge.Fileadve.Bundler (M), PUP.Softpulse (M)
98.00%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
2.00%

F-Secure
Application:W32/Generic.70053c248f!Online
2.00%

The domain www.kongyunbao.com has been seen to resolve to the following 9 IP addresses.

172.246.123.19
vps01.advancesmtp.info
July 28, 2016

172.246.123.20
vps.suporteaocliente.info
July 28, 2016

183.90.185.112
May 15, 2016

183.90.186.200
May 15, 2016

210.209.85.38
February 3, 2016

50.63.202.45
ip-50-63-202-45.ip.secureserver.net
August 11, 2015

23.245.70.153
May 3, 2015

104.28.29.42
November 12, 2014

104.28.28.42
November 12, 2014

File downloads found at URLs served by www.kongyunbao.com.

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=481&dv1=ad474-it&kw1=ad474-it-qyc&uuid=e5959046-f8ad-43bb-7fc5-5339ccedd3ee&dv3=e5959046-f8ad-43bb-7fc5-5339ccedd3ee  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=606&dv1=ad599-fr&kw1=ad599-fr-qyc&uuid=beb0c55f-efe9-4f9b-6ad1-79986728c36b&dv3=beb0c55f-efe9-4f9b-6ad1-79986728c36b  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=726&dv1=ad719-us&kw1=ad719-us-xx&uuid=282c15d4-ff3b-4810-6cbb-c00a8791049f&dv3=282c15d4-ff3b-4810-6cbb-c00a8791049f  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=523&dv1=ad516-de&kw1=ad516-de-lm&uuid=a59527e7-8e68-429a-4193-63bcf7b284e0&dv3=a59527e7-8e68-429a-4193-63bcf7b284e0  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=726&dv1=ad719-us&kw1=ad719-us-xx&uuid=90ef21ce-2245-463f-5e5b-9072232c6531&dv3=90ef21ce-2245-463f-5e5b-9072232c6531  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=725&dv1=ad718-us&kw1=ad718-us-xx&uuid=350e92cf-92c2-47ad-7323-fcc11ed5f5a7&dv3=350e92cf-92c2-47ad-7323-fcc11ed5f5a7  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=725&dv1=ad718-us&kw1=ad718-us-xx&uuid=1af077e0-103f-4902-5616-2a4ebf34a6b4&dv3=1af077e0-103f-4902-5616-2a4ebf34a6b4  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=726&dv1=ad719-us&kw1=ad719-us-xx&uuid=cac31d30-cb51-44ff-63ae-81b0fb0dc64f&dv3=cac31d30-cb51-44ff-63ae-81b0fb0dc64f  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=725&dv1=ad718-us&kw1=ad718-us-xx&uuid=0ac37672-c101-4473-52f4-e93f2fee90f0&dv3=0ac37672-c101-4473-52f4-e93f2fee90f0  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=606&dv1=ad599-fr&kw1=ad599-fr-qyc&uuid=d662ebd1-9730-4d8f-6238-12542fa3d28e&dv3=d662ebd1-9730-4d8f-6238-12542fa3d28e  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=725&dv1=ad718-us&kw1=ad718-us-xx&uuid=64051f04-b374-470b-7ab0-8bd6a7b1c817&dv3=64051f04-b374-470b-7ab0-8bd6a7b1c817  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=379&dv1=ad373-fr&kw1=ad373-fr-qyc&uuid=f9c490df-e52a-4fa9-710b-d955618ad2b5&dv3=f9c490df-e52a-4fa9-710b-d955618ad2b5  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=603&dv1=ad596-ca&kw1=ad596-ca-lm&uuid=488f8e26-b2be-4f83-66dc-cbf1a74d4beb&dv3=488f8e26-b2be-4f83-66dc-cbf1a74d4beb  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=300&dv1=ad294-gb&kw1=ad294-gb-qyc-intel&uuid=b5937147-bd80-47be-41ab-d80bac064e31&dv3=b5937147-bd80-47be-41ab-d80bac064e31  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=300&dv1=ad294-gb&kw1=ad294-gb-qyc-intel&uuid=a764e89b-5378-435b-4e5d-398447ef987d&dv3=a764e89b-5378-435b-4e5d-398447ef987d  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=497&dv1=ad490-us&kw1=ad490-us-xx&uuid=579515de-b280-438f-77e5-effd1812bdfe&dv3=579515de-b280-438f-77e5-effd1812bdfe  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=784&dv1=ad783-it&kw1=ad783-it-qyc&uuid=1625cf69-e505-4293-69f2-05c1b48a931c&dv3=1625cf69-e505-4293-69f2-05c1b48a931c  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=573&dv1=ad566-it&kw1=ad566-it-xx&uuid=1a3ccde0-97ac-4343-55d8-009aaeec4110&dv3=1a3ccde0-97ac-4343-55d8-009aaeec4110  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=499&dv1=ad492-gb&kw1=ad492-gb-qyc&uuid=41b8b68a-d005-4fbb-49de-1072da5a497f&dv3=41b8b68a-d005-4fbb-49de-1072da5a497f  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=471&dv1=ad464-it&kw1=ad464-it-lm&uuid=2b896304-f44b-4be9-542f-1d2c79650a78&dv3=2b896304-f44b-4be9-542f-1d2c79650a78  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=477&dv1=ad470-us&kw1=ad470-us-qyc&uuid=44dbe1ca-0a74-4f7e-4a91-f784d2a910a8&dv3=44dbe1ca-0a74-4f7e-4a91-f784d2a910a8  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=725&dv1=ad718-us&kw1=ad718-us-xx&uuid=91811ca4-a87e-4e04-5eba-37f5fab4f2a7&dv3=91811ca4-a87e-4e04-5eba-37f5fab4f2a7  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=477&dv1=ad470-us&kw1=ad470-us-qyc&uuid=e2d47bfa-c6eb-4ae3-6d86-8ec582ea229f&dv3=e2d47bfa-c6eb-4ae3-6d86-8ec582ea229f  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=499&dv1=ad492-gb&kw1=ad492-gb-qyc&uuid=195b6ec3-36a8-47f6-7cc3-1908bab23ba2&dv3=195b6ec3-36a8-47f6-7cc3-1908bab23ba2  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=300&dv1=ad294-gb&kw1=ad294-gb-qyc-intel&uuid=d37e0df0-8c14-4f4e-5b07-565a3e3165b6&dv3=d37e0df0-8c14-4f4e-5b07-565a3e3165b6  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/Intel/.../down.php?sid=497&dv1=ad490-us&kw1=ad490-us-xx&uuid=5665692e-a730-4cd7-61ec-c1fd36274478&dv3=5665692e-a730-4cd7-61ec-c1fd36274478  (driver_updater.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/rk/.../down.php?dv1=wk_160  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=471&dv1=ad464-it&kw1=ad464-it-lm&uuid=0fdb88d8-8960-4d6f-745a-e43c38ef237c&dv3=0fdb88d8-8960-4d6f-745a-e43c38ef237c  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=603&dv1=ad596-ca&kw1=ad596-ca-lm&uuid=d478d400-4d5a-4092-6faa-ad2c476d1789&dv3=d478d400-4d5a-4092-6faa-ad2c476d1789  (setup.exe)

1 / 68      (Adware)
http://www.kongyunbao.com/down/flash/.../down.php?sid=713&dv1=ad706-fr&kw1=ad706-fr-lm&uuid=152cd34f-a1b6-44a9-7fae-5c43f741962e&dv3=152cd34f-a1b6-44a9-7fae-5c43f741962e  (setup.exe)

 
Latest 30 of 148 download URLs

The following 179 files have been seen to comunicate with www.kongyunbao.com in live environments.

TCP » 50.63.202.45:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 50.63.202.45:80
e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe (CinemaP-1.9cV16.03 by Cinema PlusV16.03)

TCP » 50.63.202.45:80
e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe (CinemaP-1.9cV16.03 by Cinema PlusV16.03)

TCP » 50.63.202.45:80
11e81189-eaa5-4123-b419-aa5f42701ee1-5.exe (SavePass 1.1 by OB)

TCP » 50.63.202.45:80
11e81189-eaa5-4123-b419-aa5f42701ee1-10.exe (SavePass 1.1 by OB)

TCP » 50.63.202.45:80
21b41b32-35e1-4fa4-bb23-d4939a826f69-2.exe (App Lid by Lid)

TCP » 50.63.202.45:80
11e81189-eaa5-4123-b419-aa5f42701ee1-1-7.exe (SavePass 1.1 by OB)

TCP » 50.63.202.45:80
21b41b32-35e1-4fa4-bb23-d4939a826f69-5.exe (App Lid by Lid)

TCP » 50.63.202.45:80
80384460-b08a-415d-8639-86143ac146c2-5.exe (SavePass 1.1 by OB)

TCP » 50.63.202.45:80
app lid-codedownloader.exe (App Lid by Lid)

TCP » 50.63.202.45:80
uninstallbrw.exe (HQCinema Pro 2.1V12.03 by HQ CinemaV12.03)

TCP » 50.63.202.45:80
b79c6333-2232-4172-b277-1a743de22c9e-10.exe (CinemaP-1.1c by Cinema Plus)

TCP » 50.63.202.45:80
e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.exe (CinemaP-1.9cV16.03 by Cinema PlusV16.03)

TCP » 50.63.202.45:80
e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe (CinemaP-1.9cV16.03 by Cinema PlusV16.03)

TCP » 50.63.202.45:80
88dac21f-6131-4b4d-9028-7105d206e73d-5.exe (TotalPlusHD-3.1V10.01 by HDPlus-3.1TotalV10.01)

TCP » 50.63.202.45:80
21b41b32-35e1-4fa4-bb23-d4939a826f69-11.exe (App Lid by Lid)

TCP » 50.63.202.45:80
d029ea57-7a5f-41e0-a92b-eba20eb10550-10.exe (I - Cinema by iCinema)

TCP » 50.63.202.45:80
bd1dd1e4-2484-4a24-ba2b-534397af9686-10.exe (winservice86 by Corporate Inc)

TCP » 50.63.202.45:80
totalplushd-3.1v07.01-codedownloader.exe (TotalPlusHD-3.1V07.01 by HDPlus-3.1TotalV07.01)

TCP » 50.63.202.45:80
byaiamuf.exe (CinemaP-1.9cV16.03 by Cinema PlusV16.03)

 
Latest 20 of 180 files

URL:
http://www.kongyunbao.com/

Title:
“kongyunbao.com”

Web server:
nginx/1.6.2 (PHP/5.3.3)

Facebook:
Shares:  6

Statistics are for the previous month.

como-eliminar.com

0123f.info

0135h.info

allegrofeature.info

bestfastexperience.com

cdn016.com

display-download.com

download366.co

downloaddais.com

downloaddame.com

files-fast.net

filesstartdown.com

globalnodemax.com

healthclicknext.com

installconnect.com

investorsuser.info

lickinstalled.com

lotos-poker.com

mobno.net

originalcase.info

panelaccess.info

platformuser.info

portaldot.info

softportaldirect.com

softwaredownloadguru.com

swanfaster.com

systemexpress.info

trackfiledownload.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.