What is ijinshan.com

The domain ijinshan.com appears to be related to malware, we have seen this and detected it a number of times now.

The domain is hosted in China, and we have seen quite a lot of phones with malware that trace back to this host.

Known Applications

The following applications are known to host the malware associated to this domain (to be updated)

KBatteryDoctor

Battery_Doctor_(Battery_Saver)

Known Subdomains

www.ijinshan.com
did.ijinshan.com  – Confirmed Win32.Trojan.Jadtre
m.ios.ijinshan.com
login.ijinshan.com
union.ijinshan.com
i.ijinshan.com
pay.ijinshan.com
t.ijinshan.com
zj.ijinshan.com
skin.ijinshan.com
d.union.ijinshan.com – Confirmed Troj/Small-EUU (Details from Sophos here)
cloudlib.ijinshan.com
dl.dc.ijinshan.com
dl.app.ijinshan.com
zj.ios.ijinshan.com
zt.ijinshan.com
baike.ijinshan.com
img1.ijinshan.com
u.ijinshan.com
app.ijinshan.com
url.ijinshan.com
file.ijinshan.com
wap.ijinshan.com
app.sjk.ijinshan.com
dl.sj.ijinshan.com
cdndownload.liehu.ijinshan.com
cloudapp.softlib.ijinshan.com
bj.download.ijinshan.com
softdl.ijinshan.com
fish.ijinshan.com
cs.weishi.ijinshan.com
peifu.ijinshan.com
ijinshan.com
code.ijinshan.com
zs.ijinshan.com
m.ijinshan.com
rz.ijinshan.com
client.ijinshan.com
mail.ijinshan.com
buding.ijinshan.com
software.ijinshan.com
box.wan.ijinshan.com
apns.ios.ijinshan.com
vip.ijinshan.com
gamebox.ijinshan.com
per.ijinshan.com
dl.ijinshan.com
wxservice.ijinshan.com
f.ijinshan.com




Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: