home

yy.25pp.com

广州爱禾网络技术有限公司

Domain Information

The domain yy.25pp.com registered by 广州爱禾网络技术有限公司 was initially registered in October of 2004 through MARKMONITOR INC.. Currently this domain has been known to host various forms of malware. The hosted servers are located in Taizhou, Jiangsu within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
MARKMONITOR INC.

Server location:
Jiangsu, China (CN)

Create date:
Sunday, October 10, 2004

Expires date:
Wednesday, October 10, 2018

Updated date:
Thursday, September 4, 2014

ASN:
AS4134 CHINANET-BACKBONE No.31,Jin-rong Street,CN

Root domain:
25pp.com

Whois:
1 25pp.com record

Scanner detections:
Malware distribution  (62% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP
88.89%

ESET NOD32
Detection.Undefined
11.11%

Zillya! Antivirus
Backdoor.PePatch.Win32.91511
11.11%

The domain yy.25pp.com has been seen to resolve to the following IP address.

115.231.159.73
November 13, 2015

File downloads found at URLs served by yy.25pp.com.

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (2c08ddb668f42f1dea1299611d6dc2d0)

0 / 68
http://yy.25pp.com/.../ppsetup.exe  (908d816d069e5b63cb08dc063675a6ed)

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (2bddbd1cc42595eb09f11dc4d87dab2e)

0 / 68
http://yy.25pp.com/.../pp3setup.exe  (9e71da59cdf64861be31279dcbe0d165)

0 / 68
http://yy.25pp.com/.../ppsetup.exe  (09e8b9f3fb34392b156dc00c0ef7d9ab)

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (3774d2fdc20f38b0d2d87f2fd4a34ca4)

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (80d868fb9441bfc047d0d98cd96ddf80)

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (5fc713d7bbfdfb25afac1bcf7a96e0ed)

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (fe3381944a3b7efadf4f8544d2798b79)

0 / 68
http://yy.25pp.com/soft/.../pp2.0_25pp_00007_Setup.exe  (983305992ead8428c6a1b8d486893024)

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (1818fb3b98f2b2d74f3ef3dd323d0066)

2 / 68      (inconclusive)
http://yy.25pp.com/.../ppsetup.exe  (6c359e32f3e801c4be0611fb1a4b54b6)

1 / 68      (Malware)
http://yy.25pp.com/.../PPGhostSetup.exe  (00b77d98e91ebcb67440fe4484276f1e)

URL:
http://yy.25pp.com/

SSL certificate subject:
CN=www.chinanetcenter.com, OU=IT, O=Shanghai Wangsu Science & Technology Co. Ltd, L=Shanghai, S=Shanghai, C=CN

SSL certificate issuer:
CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Web server:
nginx/1.3.7

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.