home

ck.kolivas.org

Con Kolivas

Domain Information

Currently this domain has been known to host various forms of malware. The hosted servers are located in Helsinki, Southern Finland within Finland which resides on the RIPE Network Coordination Centre network.
Registrar:
PlanetDomain Pty Ltd (R134-LROR)

Server location:
Southern Finland, Finland (FI)

ASN:
AS49866 LOOPBACK Loopback Oy,FI

Root domain:
kolivas.org

Whois:
2 kolivas.org records

Scanner detections:
Malware distribution  (60% detected)

Scan engine
Details
Detections

Reason Heuristics
Unnamed.Threat.27, Unnamed.Threat.14, Unnamed.Threat.23, Unnamed.Threat.11
50.00%

K7 AntiVirus
Trojan , Unwanted-Program
40.00%

Avira AntiVirus
APPL/Graftor.120316.35, APPL/Bitcoinminer.Gen
40.00%

Baidu Antivirus
Trojan.Win32.BitCoinMiner, Hacktool.Win32.BitCoinMiner
40.00%

Trend Micro House Call
TROJ_GEN.F47V1111, TROJ_SPNV.03A614, Suspicious_GEN.F47V0204
30.00%

ESET NOD32
Win32/BitCoinMiner.AF (variant), Win32/BitCoinMiner.BY potentially unsafe (variant), Win32/BitCoinMiner.BF potentially unsafe (variant)
30.00%

McAfee
Artemis!85C57C2FA024, Artemis!AA5108D81652
20.00%

Malwarebytes
PUP.Optional.Cgminer
20.00%

avast!
Java:BitCoinMiner-A [PUP]
20.00%

Kaspersky
not-a-virus:NetTool.Win32.Sniffer
20.00%

ViRobot
Trojan.Win32.S.BitCoinMiner.881166.A, Trojan.Win32.A.Gena.2430278[h]
20.00%

Sophos
Generic PUA KE, Bitcoin Miner (PUA)
20.00%

Dr.Web
Threat.Undefined, Tool.BtcMine.657
20.00%

ESET NOD32
Win32/BitCoinMiner.BY potentially unsafe application
10.00%

Quick Heal
JAVA.Suspicious.Gen
10.00%

The domain ck.kolivas.org has been seen to resolve to the following IP address.

193.19.136.183
reaver.kolivas.org
January 22, 2014

File downloads found at URLs served by ck.kolivas.org.

0 / 68
http://ck.kolivas.org/apps/cgminer/.../cgminer-4.8.0-windows.7z  (6bf38f978a971a689ac727a3d6b2c246)

7 / 68      (PUP)
http://ck.kolivas.org/apps/cgminer/.../cgminer.exe  (aa5108d81652ff2b802ed1b529563e4e)

7 / 68      (PUP)
http://ck.kolivas.org/apps/cgminer/.../cgminer.exe  (f34d989b207e003cd9db40bc2ad0cec5)

0 / 68
http://ck.kolivas.org/apps/cgminer/.../zadig_xp_v2.0.1.161.exe  (bc43f182e0c05ba4c2f7ba50e31cd5cf)

0 / 68
http://ck.kolivas.org/apps/cgminer/.../zadig_v2.0.1.161.exe  (fec2bf51703e531757eee820577aa91c)

0 / 68
http://ck.kolivas.org/apps/cgminer/.../cgminer-nogpu.exe  (85bdf8b151272fd98c0b5572d08a6a04)

16 / 68    (PUP)
http://ck.kolivas.org/apps/cgminer/.../cgminer-3.9.0-windows.7z  (202b7287a7213ff718b6a18cbadd5b7f)

0 / 68
http://ck.kolivas.org/apps/.../cgminer-4.8.0-windows.zip  (06c42c8deb593c937d3633f9d2175b04)

1 / 68      (Malware)
http://ck.kolivas.org/apps/.../cgminer-3.8.4-windows.zip  (0b8ce388b854e0c3691239506d49861a)

1 / 68      (Malware)
http://ck.kolivas.org/apps/cgminer/.../cgminer-3.8.3-windows.zip  (3f3a1f0b5007f7180996620f5b5f34f2)

1 / 68      (Malware)
http://ck.kolivas.org/apps/cgminer/.../cgminer-3.8.4-windows.7z  (2de9a97cdf3ea3f19e6f16eb18f0596d)

0 / 68
http://ck.kolivas.org/apps/cgminer/.../cgminer-4.3.3-windows.7z  (fd3a4d28fc43d376d4e62039e07fc400)

1 / 68      (Malware)
http://ck.kolivas.org/apps/cgminer/.../cgminer-4.3.4-windows.zip  (7609c1ea03b79f1d4038539ec58cd836)

1 / 68      (Malware)
http://ck.kolivas.org/apps/cgminer/.../cgminer-3.8.0-windows.zip  (df6a47bf547d554bb71ee66ec396665d)

11 / 68    (PUP)
http://ck.kolivas.org/apps/.../cgminer-3.8.1-windows.zip  (f9e701f87a20168dbdd06d53631fbfea)

URL:
http://ck.kolivas.org/

Title:
“Index of /”

Web server:
Apache/2.2.15 (CentOS)

Facebook:
Shares:  3

Twitter:
Shares:  46

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.