home

xiazai.51jetso.com

zenglingbai

Domain Information

The domain xiazai.51jetso.com registered by zenglingbai was initially registered in October of 2013 through ENAME TECHNOLOGY CO., LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Hangzhou, Zhejiang within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Zhejiang, China (CN)

Create date:
Tuesday, October 15, 2013

Expires date:
Saturday, October 15, 2016

Updated date:
Wednesday, June 4, 2014

ASN:
AS4134 CHINANET-BACKBONE No.31,Jin-rong Street, CN

Root domain:
51jetso.com

Whois:
1 51jetso.com record

Scanner detections:
Detections  (60% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.Downloader.Shanghai.Installer.Meta (M)
75.00%

avast!
Win32:Trojan-gen, Win32:Malware-gen
50.00%

ESET NOD32
Win32/Packed.NSISmod.A suspicious application
50.00%

Dr.Web
Trojan.KillFiles.28526
50.00%

VIPRE Antivirus
Threat.4150696
25.00%

Clam AntiVirus
Win.Adware.Agent-59030
25.00%

The domain xiazai.51jetso.com has been seen to resolve to the following 10 IP addresses.

183.134.11.85
July 31, 2016

122.228.237.175
July 31, 2016

122.228.24.164
July 31, 2016

122.228.22.176
July 31, 2016

117.23.51.73
July 31, 2016

117.23.2.80
July 31, 2016

115.231.22.76
July 31, 2016

220.243.237.153
July 8, 2016

220.243.237.152
February 23, 2016

220.243.235.203
February 23, 2016

File downloads found at URLs served by xiazai.51jetso.com.

3 / 68      (inconclusive)
http://xiazai.51jetso.com/.../Setup_218.exe  (21ff5dfc7afe2a5628db2c03e812d2e7)

0 / 68
http://xiazai.51jetso.com/.../setup_20006.exe  (cd9b4eae27fcf8dca465c3dd2d7ed718)

1 / 68      (PUP)
http://xiazai.51jetso.com/.../Setup_120.exe  (f60a646fba1947d44954d8114ca03046)

1 / 68      (PUP)
http://xiazai.51jetso.com/.../Setup_104.exe  (c9c3c799cd3c68446186ae51fcb2247b)

6 / 68      (PUP)
http://xiazai.51jetso.com/.../Setup_22005.exe  (setup_20002.exe)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.