» k960742l.bget.ru
Overview
Analysis
IPs Addresses (1)
Downloads (3)
Website Detail
Related Domains (2)

k960742l.bget.ru

Private Person (Proxy Registrant)

Domain Information

The domain k960742l.bget.ru is registered by proxy through R01-RU and was originally registered in April of 2008. Currently this domain has been known to host various forms of malware. The hosted servers are located in Saint Petersburg, Saint Petersburg City within Russia which resides on the RIPE Network Coordination Centre network.

Registrant:

Private Person

Registrar:

R01-RU

Server location:

Saint Petersburg City, Russia (RU)

Create date:

Wednesday, April 9, 2008

Expires date:

Sunday, April 9, 2017

ASN:

AS198610 BEGET-AS Beget Ltd, RU

Root domain:

bget.ru

Whois:

1 bget.ru record

Scanner detections:

Malware distribution (67% detected)

Scan engine

Details

Detections

F-Prot

W32/Trojan3.TXM, W32/Virut.C.gen

100.00%

avast!

Win32:Malware-gen, Win32:Vitro

100.00%

Kaspersky

Trojan.Win32.Fsysna, Virus.Win32.Virut

100.00%

Emsisoft Anti-Malware

Trojan.GenericKD.3082982, Win32.Virtob.Gen.12

100.00%

Dr.Web

Trojan.Inject2.16408, Win32.Virut.56

100.00%

VIPRE Antivirus

Trojan.Win32.Generic, Threat.4120919

100.00%

Microsoft Security Essentials

Backdoor:Win32/Fynloski.A, Threat.Undefined

100.00%

McAfee

Artemis!5ACE43423D10, Virus.W32/Virut.n.gen

100.00%

MicroWorld eScan

Trojan.GenericKD.3082982

50.00%

AegisLab AV Signature

Troj.W32.Fsysna!c

50.00%

Arcabit

Trojan.Generic.D2F0AE6

50.00%

ESET NOD32

Win32/Injector.CTPK (variant)

50.00%

Bitdefender

Trojan.GenericKD.3082982

50.00%

Lavasoft Ad-Aware

Trojan.GenericKD.3082982

50.00%

F-Secure

Trojan.GenericKD.3082982

50.00%

The domain k960742l.bget.ru has been seen to resolve to the following IP address.

5.101.152.68

m2.free4.beget.ru

April 18, 2016

File downloads found at URLs served by k960742l.bget.ru.

10 / 68 (Malware)

http://k960742l.bget.ru/server.exe (c90abbc844c85b2bfcf4059f57f61229)

0 / 68

http://k960742l.bget.ru/server.exe (7d8afa8d24df153323bfc733ac455769)

23 / 68 (Malware)

http://k960742l.bget.ru/server.exe (5ace43423d10596a0317934ed62361e9)

URL:

http://k960742l.bget.ru/

Web server:

openresty/1.9.3.1 (PHP/5.5.34)

Related Domains

mcdl15.ru

msi-afterburner.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.