home

gogicrypt.net

WhoisProtectService.net PROTECTSERVICE, LTD. gogicrypt.net@whoisprotectservice.net

Domain Information

The domain gogicrypt.net registered by WhoisProtectService.net PROTECTSERVICE, LTD. gogicrypt.net@whoisprotectservice.net was initially registered in March of 2014 through EVOPLUS LTD. Currently this domain has been known to host various forms of malware. The hosted servers are located in Kharkiv, Kharkivs'Ka Oblast' within Ukraine which resides on the RIPE Network Coordination Centre network.
Registrar:
EVOPLUS LTD

Server location:
Kharkivs'Ka Oblast', Ukraine (UA)

Create date:
Wednesday, March 5, 2014

Expires date:
Thursday, March 5, 2015

Updated date:
Wednesday, March 5, 2014

ASN:
AS43918 IPSYSTEMS-AS TK IPSYSTEMS Ltd.

Whois:
1 gogicrypt.net record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

McAfee
RDN/Generic PWS.y!yk
100.00%

Trend Micro House Call
TROJ_GEN.R047H01CG14
100.00%

Kaspersky
Trojan-Spy.Win32.Ursnif
100.00%

Comodo Security
UnclassifiedMalware
100.00%

Microsoft Security Essentials
TrojanSpy:Win64/Ursnif.A
100.00%

ESET NOD32
Win64/PSW.Papras.AH (variant)
100.00%

Panda Antivirus
Trj/CI.A
100.00%

Qihoo 360 Security
Win32/Trojan.PSW.981
100.00%

XVirus List
Win.Detected
100.00%

The domain gogicrypt.net has been seen to resolve to the following IP address.

176.102.37.58
March 19, 2014

File downloads found at URLs served by gogicrypt.net.

9 / 68      (Malware)
http://gogicrypt.net/client64.dll  (9d3453b9ce2d4ed7d9d62683b3b34bd3)

URL:
http://gogicrypt.net/

Web server:
nginx (PHP/5.3.3)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.