home

rufiles7.ru

Private Person  (Proxy Registrant)

Domain Information

The domain rufiles7.ru is registered by proxy through REGRU-RU and was originally registered in April of 2015. Currently this domain has been known to host various forms of malware. The hosted servers are located in Munich, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
REGRU-RU

Server location:
Bayern, Germany (DE)

Create date:
Tuesday, April 7, 2015

Expires date:
Thursday, April 7, 2016

ASN:
AS61969 TEAMINTERNET-AS Team Internet AG,DE

Whois:
2 rufiles7.ru records

Scanner detections:
Malware distribution  (67% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.iDatixCorporation, Threat.Win.Reputation.IMP, PUP.OOOSoftMedia (M)
66.67%

VIPRE Antivirus
Threat.4150696
16.67%

Dr.Web
Trojan.Packed.30382
16.67%

Emsisoft Anti-Malware
Gen:Variant.Adware.Strictor.58276
16.67%

F-Secure
Gen:Variant.Adware.Strictor
16.67%

Lavasoft Ad-Aware
Gen:Variant.Adware.Strictor.58276
16.67%

ESET NOD32
Win32/AdWare.Toolbar.Webalta.GJ application
16.67%

AVG
Could be an adware AdLoad
16.67%

avast!
Win32:PUP-gen [PUP]
16.67%

Kaspersky
not-a-virus:Downloader.Win32.Delf
16.67%

Norman
Gen:Variant.Adware.Strictor.58276
16.67%

Sophos
PUA 'WebAlta Toolbar' (of type Adware)
16.67%

Bkav FE
W32.HfsAdware
16.67%

MicroWorld eScan
Gen:Variant.Adware.Strictor.58276
16.67%

K7 AntiVirus
Adware
16.67%

The domain rufiles7.ru has been seen to resolve to the following 4 IP addresses.

194.58.56.170
April 9, 2016

185.53.179.9
April 7, 2016

185.53.179.13
June 30, 2015

5.61.39.16
September 4, 2014

File downloads found at URLs served by rufiles7.ru.

1 / 68      (Malware)
http://rufiles7.ru/downloads/.../Directx9c.exe  (329c0fbefc41a80b68941649bc87f40b)

1 / 68      (Adware)
http://rufiles7.ru/downloads/.../Directx9c.exe  (9a8e7f9bc71f8c213ed95942b28c0f78)

1 / 68      (Malware)
http://rufiles7.ru/downloads/.../artmoney743rus.exe  (69b61feb7e471299f8527cca17d7fa45)

0 / 68
http://rufiles7.ru/directx/.../directx10_windows7.exe  (directxlite_10.exe)

28 / 68    (PUP)
http://rufiles7.ru/downloads/.../directx11_windows7.exe  (08c14e715176cd888a9bd807c4fe4d25)

0 / 68
http://rufiles7.ru/directx/.../directx11_windows7.exe  (directx11_windows7_.exe)

0 / 68
http://rufiles7.ru/downloads/.../directx11_windows7.exe  (directx11_windows7_.exe)

URL:
http://rufiles7.ru/

Google Analytics:
UA-48689684

Title:
“rufiles7.ru”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.