home

scdn.softfiles.ru

Private Person  (Proxy Registrant)

Domain Information

The domain scdn.softfiles.ru is registered by proxy through R01-RU and was originally registered in August of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Gunzenhausen, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
R01-RU

Server location:
Bayern, Germany (DE)

Create date:
Wednesday, August 26, 2015

Expires date:
Friday, August 26, 2016

ASN:
AS24940 HETZNER-AS Hetzner Online AG,DE

Root domain:
softfiles.ru

Whois:
1 softfiles.ru record

Scanner detections:
Detections  (60% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Zona.Chetvert.Installer.Meta (M), PUP.Raberles.Icecream.Installer.Meta (L), PUP.INSITEGR.Installer (M), PUP (M), Win32.Generic
96.67%

Clam AntiVirus
Win.Trojan.Generic-453
3.33%

The domain scdn.softfiles.ru has been seen to resolve to the following 3 IP addresses.

85.10.196.94
static.85-10-196-94.clients.your-server.de
February 12, 2016

178.63.40.158
static.158.40.63.178.clients.your-server.de
February 12, 2016

85.10.200.21
85-10-200-21.clients.your-server.de
February 12, 2016

File downloads found at URLs served by scdn.softfiles.ru.

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1454457033&parameter=Adobe_Reader_Rus_Setup.exe&secl=9UK82tZzGoKnCqWKTRXgzA&se=softobase.com&cid=1082383508.1454421033&uid=78420843.95221847&ref=google  (3c4c80341131cb4fc48de56350e02393)

1 / 68      (Malware)
http://scdn.softfiles.ru/rozu2.html?sect=1458016012&parameter=Amigo_Russian_Setup.exe&secl=_upLN-A4oLSE6IYsuEcRXg&se=softobase.com&cid=102246912.1457980013&uid=79864496.29644162&ref=google  (amigo_setup.exe)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1456429514&parameter=SonyVegasPro_Trial_Setup.exe&secl=oBz0Ieg79-l2QD_TQgMDDw&se=softobase.com&cid=77751079.1456389632&uid=85918270.94683801&ref=google  (5b80c554ac0694756a8f66a5089f86a2)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1455682584&parameter=iTunes_x64_Rus_Setup.exe&secl=rxKnVDAjucTvPAYH86pENw&se=softobase.com&cid=1579755154.1455646593&uid=52441533.83207462&ref=mail.ru  (6c88fc09853b8a780f6e4aa56aefe382)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1456458441&parameter=WindowsMovieMaker_Web_Rus_Setup.exe&secl=diuRv7HDa8-TKtT5mZrwtw&se=softobase.com&cid=2058664097.1456422496&uid=18266795.46907410&ref=google  (ae9df00f2fd181d75b1dc3b21495560a)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1454818136&parameter=MicrosoftOffice2007SP3_Russian_Setup.exe&secl=NFnapF18fmeKdDwYprBb1w&se=softobase.com&cid=1613617376.1454782142&uid=87735127.84131363&ref=google  (7b84c4fc45721fdf61a022bcadf6e1ca)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1457382057&parameter=SonyVegasPro_Trial_Setup.exe&secl=ENov_hy3l7zo81UneW0azw&se=softobase.com&cid=1742930795.1457346010&uid=60622706.85930777&ref=google  (6caa165157792fe00e92fbc0ea7646d3)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1456107150&parameter=PcInspectorFileRecovery_Rus_Setup.exe&secl=fANPVQeNDuDUO4c2uKhHHw&se=softobase.com&cid=445512600.1456071152&uid=95715046.94101682&ref=google?EsetProtoscanCtx=8917490  (169ec3a62eb756e67c4a5d3a645fb85b)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1469851202&parameter=FreeScreenVideoRecorder_Russian_Setup.exe&secl=Tvc_oAYtLcqm521yQ70O8w&clr=1  (freescreenvideorecorder.exe)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1457733144&parameter=MicrosoftPowerPointViewer_Rus_Setup.exe&secl=toLJ9vMZHbFsojBbONOBZQ&se=softobase.com&cid=789078588.1455263112&uid=20152029.11766230&ref=google  (cb7c3fdbe3fe39441462f0acd6579800)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1453575920&parameter=EMCO_UnLockIT_Setup.exe&secl=Dutkuv48XrEjibsDolMl6Q&se=softobase.com&cid=830825061.1453539853&uid=88551617.48883065&ref=google  (73f61c53cc3aed5a347cb7422c3d519d)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1458698700&parameter=VirtualDub_x64_Rus_Setup.exe&secl=g4JbeEw50L4MG88rPEC6wA&se=softobase.com&cid=1635395963.1458652645&uid=89748834.12550260&ref=mail.ru  (75dad7ec20db655d3e6e9ef797972ef0)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1455083098&parameter=Total_Commander_Russian_Setup.exe&secl=CqRdM2504ZqIoaJ0VoX9nw&se=softobase.com&cid=118026463.1455047123&uid=81016616.87519279&ref=google  (873b13094e32d7d85a5ac4215e3359a7)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1467539059&parameter=MyPaint_x32_Rus_Setup.exe&secl=txdO-NCvBOdD7_-fzr8-Lw&clr=1  (mypaint-w32-1.2.0-setup.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1465242635&parameter=Audacity_Setup.exe&secl=zm4-TJo5waVhqjJjAp15UA&clr=1  (audacity-win-2.1.0rc3.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1468389012&parameter=WindowsMovieMaker_Web_Rus_Setup.exe&secl=sEHTK9iaS-FgSQLqrujZdg&clr=1  (wlsetup-web.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1468955153&parameter=FreeScreenVideoRecorder_Russian_Setup.exe&secl=3WuoARjDeLdSKV261yGCPw&clr=1  (662d8171_stp.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1460937708&parameter=TorBrowser_Rus_Setup.exe&secl=RI2fsEQwYNLcUnTDsMa4Bg&clr=1  (torbrowser-install-5.5.4_ru.exe)

1 / 68      (PUP)
http://scdn.softfiles.ru/rozu2.html?sect=1466225707&parameter=Zona_Rus_Setup_Online.exe&secl=3BCTUjdpZwJ_-CjrBlelNQ&clr=1  (zonasetup[opin].exe)

1 / 68      (Adware)
http://scdn.softfiles.ru/rozu2.html?sect=1456691281&parameter=Paint.NET_Rus_Setup.exe&secl=dvfFXZ4gLdIzlztISH2FGA&se=softobase.com&cid=96572961.1456655069&uid=40673494.63566935&ref=google  (2544359b7230d53f22c4e9f8488474d9)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1465929536&parameter=SmoothDraw_Setup.exe&secl=EAQPF-Qmat_zzyc-VZ0iiw&clr=1  (smoothdraw4setup.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1466797780&parameter=Mp3DirectCut_Setup.exe&secl=mRyVfaOEBsGX4m99lcc3Cw&clr=1  (mp3dc222.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1467146271&parameter=WondershareFilmora_Rus_Setup.exe&secl=AuwSD8dOJjGr4lRRuQDjgw&clr=1  (filmora_setup_full846.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1461299841&parameter=CreativeCloud_Rus_Setup.exe&secl=JjSsxwIMn9wyLIA9BLya-Q&clr=1  (creativecloudset-up.exe)

1 / 68      (PUP)
http://scdn.softfiles.ru/rozu2.html?sect=1468744151&parameter=IcecreamScreenRecorder_Rus_Setup.exe&secl=am6kS9DWYoVWa_PrvW36gQ&clr=1  (screen_recorder_setup.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1465085259&parameter=FakeVoice_Setup.exe&secl=Pu_GiSAFypu877K_FudLhQ&clr=1  (fvsetup.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1465101424&parameter=MorphVOXJunior_Setup.exe&secl=B47I9EMBL9snDrtq8nJ47g&clr=1  (morphvoxjunior_install-1.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1467307253&parameter=FreeScreenVideoRecorder_Russian_Setup.exe&secl=gMgZF8oa9clZEKACBATDug&clr=1  (662d8171_stp.exe)

0 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1469031256&parameter=PromoShow_Rus_Setup.exe&secl=p4WRtC19IPxsTyxf1X0Org&clr=1  (promoshow.exe)

1 / 68
http://scdn.softfiles.ru/rozu2.html?sect=1467594294&parameter=DAEMON_Tools_Lite_Rus_Setup.exe&secl=kTfXhbSqQudDiOijOzyREA&clr=1  (dtliteinstaller.exe)

 
Latest 30 of 532 download URLs

The following 7 files have been seen to comunicate with scdn.softfiles.ru in live environments.

TCP » 85.10.196.94:80
SoftobaseUpdater_2.0.exe (Softobase Updater)

TCP » 178.63.40.158:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 85.10.196.94:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 85.10.196.94:80
installpack.exe

TCP » 85.10.200.21:80
directx_9.10.11.exe

TCP » 85.10.200.21:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 178.63.40.158:80
installpack.exe

TCP » 178.63.40.158:80
installpack.exe

TCP » 85.10.196.94:80
installpack.exe

TCP » 85.10.196.94:80
installpack.exe

TCP » 85.10.200.21:80
SoftobaseClient.exe (SoftobaseClient by Microsoft)

URL:
http://scdn.softfiles.ru/

Web server:
nginx/1.9.10

besplatnyeprogrammy.ru

dl-softobase.com

freeversion.ru

freeversions.ru

installpack.net

installpack.ru

moiprogrammy.net

moywot.ru

sftcdn.ru

sftpps.ru

sftsrv.ru

sftwr.ru

soft-apps.ru

softcdn.ru

softhome.ru

softmen.ru

softobase.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.