The domain cdn.besplatnyeprogrammy.ru is registered by proxy through NAUNET-RU and was originally registered in November of 2008. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Gunzenhausen, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrant:
Private Person
Server location:
Bayern, Germany (DE)
Create date:
Monday, November 3, 2008
Expires date:
Thursday, November 3, 2016
ASN:
AS24940 HETZNER-AS Hetzner Online AG,DE
Scanner detections:
Detections (98% detected)
Scan engine
Details
Detections
Kaspersky
UDS:DangerousObject.Multi.Generic, not-a-virus:HEUR:Downloader.NSIS.SoftBase, not-a-virus:Downloader.NSIS.SoftBase
79.55%
Baidu Antivirus
PUA.Win32.Softobase, Adware.Win32.Agent
79.55%
Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
77.27%
ESET NOD32
Win32/Softobase.C potentially unwanted, Win32/Softobase.D potentially unwanted
77.27%
McAfee
Artemis!BA24EDBAE10B, Trojan.Artemis!9DA84DBA8A84, Artemis!F913DA976D1B, Artemis!C6EA1BD95E59, Artemis!42717BAA869E, Artemis!B99934DE94BC, Artemis!4238086CF186, Artemis!795C1D752964, Artemis!E43A1EE1C573, Artemis!12D5B45D4ABC, Artemis!314AFEBD3738, Artemis!80C707A3F4CD, Artemis!0C5439086057, Artemis!1E0462DDDF0E, Artemis!793154C7BA0D, RDN/Generic.dx!dqj, Artemis!04975059FCF0
70.45%
Trend Micro House Call
Suspicious_GEN.F47V0324, Suspicious_GEN.F47V0413, Suspicious_GEN.F47V0503, Suspicious_GEN.F47V0421, TROJ_GEN.R00UH06E315, TROJ_GEN.R00UH06E215, Suspicious_GEN.F47V0423, TROJ_GEN.R047H05DU15, TROJ_GEN.R0EBH06DS15
47.73%
K7 AntiVirus
Adware
27.27%
Sophos
Generic PUA PK, Generic PUA FB, Generic PUA BG, Generic PUA AP (PUA), Generic PUA NI (PUA), Generic PUA MJ (PUA), Generic PUA OJ (PUA)
25.00%
VIPRE Antivirus
Trojan.Win32.Generic
25.00%
Norman
Suspicious_Gen4.IGHVE, Suspicious_Gen4.IGRQC, Suspicious_Gen4.IHASW, Suspicious_Gen4.IIMWU, Suspicious_Gen4.IHNUH, Suspicious_Gen4.IHCML, Suspicious_Gen4.IGHLY, Suspicious_Gen4.IGMQA
20.45%
avast!
Win32:Malware-gen, Win32:Adware-gen [Adw]
15.91%
NANO AntiVirus
Trojan.Nsis.SoftBase.dsgvph, Trojan.Nsis.SoftBase.dsycco
15.91%
ViRobot
Trojan.Win32.S.Agent.243347[h], Trojan.Win32.S.Agent.226436[h], Trojan.Win32.S.Agent.243329.B[h], Trojan.Win32.S.Agent.242315[h]
13.64%
Reason Heuristics
PUP.INSITEGROUP.Installer (M), PUP.INSITEGR.Installer (M)
13.64%
Trend Micro
TROJ_GEN.R0EBC0OE115, TROJ_GEN.R03EC0OHK15, TROJ_GEN.R0EBC0ODS15, TROJ_GEN.R01TC0EFE15, TROJ_GEN.R000C0EG415
11.36%
The domain cdn.besplatnyeprogrammy.ru has been seen to resolve to the following 3 IP addresses.
static.85-10-196-94.clients.your-server.de
May 5, 2015
85-10-200-21.clients.your-server.de
May 5, 2015
static.158.40.63.178.clients.your-server.de
May 5, 2015
File downloads found at URLs served by cdn.besplatnyeprogrammy.ru.
Latest 30 of 44 download URLs
The following 7 files have been seen to comunicate with cdn.besplatnyeprogrammy.ru in live environments.
Related Domains