» oksrv.ru
Overview
Analysis
IPs Addresses (2)
Downloads (4)
Website Detail
Related Domains (13)

oksrv.ru

Private Person (Proxy Registrant)

Domain Information

The domain oksrv.ru is registered by proxy through REGRU-RU and was originally registered in February of 2016. Currently this domain has been known to host various forms of malware. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.

Registrant:

Private Person

Registrar:

REGRU-RU

Server location:

Nord-Pas-De-Calais, France (FR)

Create date:

Thursday, February 11, 2016

Expires date:

Saturday, February 11, 2017

Whois:

1 oksrv.ru record

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.SilverSo (M), PUP (M)

100.00%

ESET NOD32

Win32/Kryptik.FAKL trojan

25.00%

Dr.Web

Trojan.LoadMoney.336

25.00%

The domain oksrv.ru has been seen to resolve to the following 2 IP addresses.

37.187.118.188

ns334112.ip-37-187-118.eu

August 17, 2016

91.215.155.222

mizma448.vds

July 9, 2016

File downloads found at URLs served by oksrv.ru.

1 / 68 (Malware)

http://oksrv.ru/1d4p?keyword=stalker-spetsnaz-mod-2015-torrent (stalker-spetsnaz-mod-2015-torrent.exe)

1 / 68 (Malware)

http://oksrv.ru/tables?keyword=??????? ????????? ??? ???????? ??????????&charset=utf-8 (vasiliy mahanenko mir barlionyi audiokniga.exe)

1 / 68 (PUP)

http://oksrv.ru/tables?keyword=???? ?????????? ??? ios&charset=utf-8 (igryi simulyatoryi dlya ios.exe)

3 / 68 (PUP)

http://oksrv.ru/tables?keyword=??????????? ?????????? ?????? ????????&charset=utf-8 (prezentatsiya ekstremizm ugroza obschestvu.exe)

URL:

http://oksrv.ru/

Title:

“Softportal - Самая большая база файлов c постоянным обновлением.”

Web server:

nginx/1.0.14 (PHP/5.3.10)

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.