» download.casino.redkings.com
Overview
Analysis
IPs Addresses (1)
Downloads (7)
Related Domains (1)

download.casino.redkings.com

Domains By Proxy, LLC (Proxy Registrant)

Domain Information

The domain download.casino.redkings.com is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2005. Currently this domain has been known to host various forms of malware. The hosted servers are located in Valletta, Malta within Malta which resides on the RIPE Network Coordination Centre network.

Registrant:

Domains By Proxy, LLC

Registrar:

GODADDY.COM, LLC

Server location:

Malta, Malta (MT)

Create date:

Saturday, May 7, 2005

Expires date:

Saturday, May 7, 2016

Updated date:

Wednesday, April 15, 2015

ASN:

AS20521 ASN-BELLNET Bellnet Limited,MT

Root domain:

redkings.com

Whois:

1 redkings.com record

Scanner detections:

Malware distribution (57% detected)

Scan engine

Details

Detections

Kaspersky

HEUR:Trojan-Downloader.Win32.Generic, not-a-virus:Downloader.Win32.InstallFlash

100.00%

NANO AntiVirus

Trojan.Win32.DownLoader11.dlmtpk, Trojan.Win32.DownLoader11.dpapgd

83.33%

Agnitum Outpost

Trojan.DownLoader

83.33%

Avira AntiVirus

GAME/Casino.Gen

83.33%

McAfee

Artemis!AF72E8EC8630, Artemis!F52A0EE2CED0, Artemis!1563B1B7D9AC, Artemis!F4FE28693DD0, Artemis!22F638572F46

83.33%

Trend Micro House Call

Suspicious_GEN.F47V0127, Suspicious_GEN.F47V0306, TROJ_GEN.F47V1001, Suspicious_GEN.F47V0422

66.67%

SUPERAntiSpyware

Trojan.Agent/Gen-Dropper

66.67%

IKARUS anti.virus

Win32.SuspectCrc, Win32.DH, not-a-virus:Downloader.InstallFlash

50.00%

AVG

Win.Threat.High, Skodna.Casino

50.00%

herdProtect (fuzzy)

a variant of b73e2be54dfcdbf60adfa4ca83cc89a1daa491af, a variant of a4dd690ccbd1d1995da5df446e15b9e1119bc32b

33.33%

Baidu Antivirus

Trojan.Win32.Downloader

33.33%

K7 AntiVirus

Riskware

16.67%

Vba32 AntiVirus

Downloader.InstallFlash

16.67%

Bkav FE

HW32.Laneul

16.67%

Clam AntiVirus

Win.Trojan.Downloader-66692

16.67%

The domain download.casino.redkings.com has been seen to resolve to the following IP address.

95.131.233.79

December 15, 2015

File downloads found at URLs served by download.casino.redkings.com.

7 / 68 (Malware)

http://download.casino.redkings.com/download.php?aname=bezdepozytu.crk&zone_id=none&referer=aHR0cDovL3d3dy5kYXJtb3d5Ym9udXMuY29tL3QzNTQtcmVka2luZ3Mta2FzeW5vLTEwZXVyLXphLWRhcm1vLWJlei1kZXBvenl0dQ==&dyn_id=no_zone (casinoredkings_setup.exe)

0 / 68

http://download.casino.redkings.com/download.php?aname=trygambling1&zone_id=none&referer=aHR0cDovL3Rpa3Jhc2RhcmJhcy5jb20v&dyn_id=no_zone (casinoredkings_setup.exe)

1 / 68 (inconclusive)

http://download.casino.redkings.com/download.php?aname=gregor55511x&zone_id=none&referer=aHR0cDovL2JlemRlcG96eXR1Lm5ldC9yZWRraW5ncy1jYXNpbm8tNTAtZGFybW93eWNoLXNwaW5vdy12dDkyNS5odG0=&dyn_id=no_zone (casinoredkings_setup.exe)

17 / 68 (inconclusive)

http://download.casino.redkings.com/download.php?aname=rtgbonus&zone_id=none&referer=aHR0cDovL3d3dy5ydGdib251cy5ldS9mcmVlc3BpbnMuaHRt&dyn_id=no_zone (casinoredkings_setup.exe)

10 / 68 (Malware)

http://download.casino.redkings.com/download.php (casinoredkings_setup.exe)

9 / 68 (Malware)

http://download.casino.redkings.com/download.php?aname=house_crk0315&zone_id=none&referer=aHR0cDovL3d3dy5jYXJkc2NoYXQuY29tL29uZ2FtZS1uZXR3b3JrLnBocA==&dyn_id=no_zone (casinoredkings_setup.exe)

7 / 68 (Malware)

http://download.casino.redkings.com/download.php?aname=bonus888&zone_id=none&referer=aHR0cDovL2Nhc2lub2JvbnVzMi5jby9jYXNpbm8tcmVkLWtpbmdzLWJvbnVzLWNvZGVz&dyn_id=no_zone (casinoredkings_setup.exe)

Related Domains

gotoeucasino.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.