home

get-styles.ru

Private Person  (Proxy Registrant)

Domain Information

The domain get-styles.ru is registered by proxy through REGISTRATOR-RU and was originally registered in October of 2008. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Nuremberg, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
REGISTRATOR-RU

Server location:
Bayern, Germany (DE)

Create date:
Friday, October 31, 2008

Expires date:
Monday, October 31, 2016

ASN:
AS24940 HETZNER-AS Hetzner Online GmbH,DE

Whois:
1 get-styles.ru record

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.TRIORIS.U, PUP.SergeyCherezov.X, PUP.SergeyCherezov.U, PUP.SergeyCherezov.V, PUP.Installer.SergeyCherezov.K, PUP.SergeyCherezov.Installer (M), PUP.SergeyCh.Installer (M)
93.75%

Dr.Web
Trojan.Triosir.1, Adware.Plugin.65, Adware.Bho.3875
50.00%

Trend Micro House Call
TROJ_GE.7C18449F, TROJ_GEN.F47V0721, TROJ_GEN.F47V1214, TROJ_GE.203227CA, Suspicious_GEN.F47V0710
37.50%

McAfee
Artemis!E137228CBDBC, Artemis!FFC3F5BDE568, Artemis!BE73EF4F7F76
18.75%

Comodo Security
Heur.Suspicious
12.50%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
6.25%

F-Secure
Application:W32/Generic.70053c248f!Online
6.25%

Rising Antivirus
PE:Trojan.Win32.Generic.1247BBCF!306691023
6.25%

XVirus List
Win32.Detected
6.25%

The domain get-styles.ru has been seen to resolve to the following IP address.

188.40.33.203
static.203.33.40.188.clients.your-server.de
February 27, 2016

File downloads found at URLs served by get-styles.ru.

1 / 68      (Adware)
http://get-styles.ru/getstat/.../670759_vktemy_1022019617f713d202ac947aaf399c  (vktemy_1022019617f713d202ac947aaf399c.exe)

1 / 68      (Adware)
http://get-styles.ru/getstat/.../9  (get-styles.exe)

4 / 68      (Adware)
http://get-styles.ru/download/.../Get-StylesUtils_toolbar.exe  (684791d539c1ca026295fbafd82b7b72)

4 / 68      (Adware)
http://get-styles.ru/download/.../Get-StylesFF_toolbar.exe  (ffc3f5bde568e19314585299343091d7)

4 / 68      (Adware)
http://get-styles.ru/download/.../Get-StylesOP_toolbar.exe  (get-stylesopl_toolbar.exe)

1 / 68      (Adware)
http://get-styles.ru/getstat/up/.../  (get-styles.exe)

1 / 68      (Adware)
http://get-styles.ru/getstat/.../4  (get-styles.exe)

1 / 68      (Adware)
http://get-styles.ru/getstat/.../687805_vktemy_343807  (vktemy_343807.exe)

1 / 68      (Adware)
http://get-styles.ru/getstat/.../22  (get-styles.exe)

1 / 68      (Adware)
http://get-styles.ru/getstat/.../670786_vktemy_131.66395477  (vktemy_72.46379438.exe)

3 / 68      (PUP)
http://get-styles.ru/.../Get-StylesCH_toolbar.exe  (ee47602a166eb90f0b3ae7ed56d77aa0)

2 / 68      (false positives)
http://get-styles.ru/download/.../Get-StylesIE_toolbar.exe  (wrar420.exe)

4 / 68      (Adware)
http://get-styles.ru/.../Get-StylesUtils_toolbar.exe  (684791d539c1ca026295fbafd82b7b72)

5 / 68      (Adware)
http://get-styles.ru/.../Get-StylesIE_toolbar.exe  (8b34ea87e0e41e5f4c34a50f51d6facb)

3 / 68      (PUP)
http://get-styles.ru/.../Get-StylesFF_toolbar.exe  (ea34a28ef573881d6bab448ced2a753f)

4 / 68      (PUP)
http://get-styles.ru/.../Get-StylesCH_toolbar.exe  (e137228cbdbcd2eceae2d76ffe123423)

2 / 68      (PUP)
http://get-styles.ru/.../Get-StylesOP_toolbar.exe  (768aca09e5d6a62cbcab7cb62eede749)

The following 2 files have been seen to comunicate with get-styles.ru in live environments.

TCP » 188.40.33.203:443
uran.exe (Uran by uCoz Media and Chromium Authors)

TCP » 188.40.33.203:443
kometa.exe (Kometa by @COMPANY_FULLNAME@)

URL:
http://get-styles.ru/

Google Analytics:
UA-8953174

Title:
“Темы для контакта: скачивайте новые темы оформления каждый день, большой выбор бесплатных тем”

Description:
“Сервис позволяет вам легко и быстро сменить свою тему оформления ВКонтакте, без каких-либо специфических знаний! Более 800 различных оформлений, тем. Выбирайте любую!”

SSL certificate subject:
CN=get-styles.ru

SSL certificate issuer:
CN=WoSign CA Free SSL Certificate G2, O=WoSign CA Limited, C=CN

Web server:
nginx

Facebook:
Likes:  15
Shares:  204
Comments:  1

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.