soft53.net

Ivan Zaycev

Domain Information

The domain soft53.net registered by Ivan Zaycev was initially registered in September of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Friday, September 12, 2014

Expires date:
Saturday, September 12, 2015

Updated date:
Tuesday, April 21, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.OOOAlians.R, PUP.Installer.InformationTechnologySystemsdoo.R, PUP.OOONextStarsGroup.Installer (M), PUP.installCore.OOOAlians.Installer (M), PUP.installCore.Installer, PUP.installCore.OOOAlian.Installer (M), PUP.InstallCore.RES (M), PUP.installCore (M)
100.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4786018, Threat.4150696
26.32%

Dr.Web
Trojan.MulDrop5.38104, Trojan.InstallCore.650
21.05%

AVG
Generic
21.05%

K7 AntiVirus
Trojan , Adware
21.05%

NANO AntiVirus
Riskware.Win32.InstallCore.dfgool, Riskware.Win32.InstallCore.dsgvzi
21.05%

Avira AntiVirus
ADWARE/InstallCore.Gen7, ADWARE/InstallCore.Gen9
21.05%

ESET NOD32
Win32/InstallCore.QC potentially unwanted application, Win32/InstallCore.QL potentially unwanted application, Win32/InstallCore.UE potentially unwanted application
21.05%

Zillya! Antivirus
Adware.InstallCore.Win32.258
15.79%

IKARUS anti.virus
PUA.Alians
15.79%

Vba32 AntiVirus
Malware-Cryptor.InstallCore.gen
15.79%

herdProtect (fuzzy)
a variant of c6ec30a35de548c8b50415c1b7c90d7488ecd144, a variant of ad95830ae4932bb3a8b4ede509363fbd23d09f24
10.53%

ESET NOD32
Win32/InstallCore.QL (variant)
5.26%

Sophos
PUA 'Install Core Click run software'
5.26%

Agnitum Outpost
PUA.InstallCore
5.26%

The domain soft53.net has been seen to resolve to the following 2 IP addresses.

ip-50-63-202-51.ip.secureserver.net
July 12, 2015

September 18, 2014

File downloads found at URLs served by soft53.net.

The following 73 files have been seen to comunicate with soft53.net in live environments.

 
Latest 20 of 75 files

URL:
http://soft53.net/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)