home

sb.sftwr.ru

Private Person  (Proxy Registrant)

Domain Information

The domain sb.sftwr.ru is registered by proxy through R01-RU and was originally registered in August of 2015. The hosted servers are located in Gunzenhausen, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
R01-RU

Server location:
Bayern, Germany (DE)

Create date:
Wednesday, August 26, 2015

Expires date:
Friday, August 26, 2016

ASN:
AS24940 HETZNER-AS Hetzner Online AG,DE

Root domain:
sftwr.ru

Whois:
1 sftwr.ru record

The domain sb.sftwr.ru has been seen to resolve to the following 3 IP addresses.

85.10.200.21
85-10-200-21.clients.your-server.de
October 26, 2015

85.10.196.94
static.85-10-196-94.clients.your-server.de
October 26, 2015

178.63.40.158
static.158.40.63.178.clients.your-server.de
October 26, 2015

File downloads found at URLs served by sb.sftwr.ru.

0 / 68
http://sb.sftwr.ru/KMPlayer_Rus_Setup.exe  (kmp_4.1.0.3.exe)

0 / 68
http://sb.sftwr.ru/ProShowProducer_Trial_Setup.exe  (pspro_70_3514.exe)

0 / 68
http://sb.sftwr.ru/360TotalSecurity_Rus_Setup_sb.exe  (16f5b0422d197710dec93a908af86c41)

1 / 68      (Adware)
http://sb.sftwr.ru/BlueStacks_Rus_Setup.exe  (2b5ec1747b32d7c65fc083271446a3db)

0 / 68
http://sb.sftwr.ru/RylstimScreenRecorder_Setup.exe  (rylstim-screen-recorder.exe)

0 / 68
http://sb.sftwr.ru/iTools_Setup.exe  (iTools.exe)

0 / 68
http://sb.sftwr.ru/WorldOfTanks_Rus_Installer.exe  (ws13e96d68.dat)

1 / 68
http://sb.sftwr.ru/Nero_9.4.12.3_Free_Rus.exe  (nero-9.4.12.3_free.exe)

0 / 68
http://sb.sftwr.ru/jetAudioBasic_Rus_Setup.exe  (jad8104_plus_vx_u.exe)

0 / 68
http://sb.sftwr.ru/SkypePortable_Rus_Online.exe  (SkypePortable_7.18.0.103_online.paf.exe)

1 / 68
http://sb.sftwr.ru/Directx_9.10.11.exe  (directx_9c.10.1.11.exe)

1 / 68      (PUP)
http://sb.sftwr.ru/Sputnik_Rus_Setup.exe  (sputnik_bundle.exe)

2 / 68
http://sb.sftwr.ru/Zona_Rus_Setup_Online.exe  (zona_russian_setup_online.exe)

1 / 68      (Malware)
http://sb.sftwr.ru/VLC_MediaPlayer_x64_Rus_Setup.exe  (vlc-2.2.2-win64_[www.programosy.pl].exe)

0 / 68
http://sb.sftwr.ru/Volume2_Rus_Setup.exe  (setup_volume2_1_1_3_247.exe)

2 / 68
http://sb.sftwr.ru/CCleaner_Rus_Setup.exe  (ccsetup513.exe)

0 / 68
http://sb.sftwr.ru/SlimBrowser_Rus_Setup.exe  (sbsetup.exe)

1 / 68      (inconclusive)
http://sb.sftwr.ru/Shareman_Rus_Setup.exe  (sharemansetup.exe)

0 / 68
http://sb.sftwr.ru/SweetHome3D_Setup.exe  (sweethome3d-5.2-windows.exe)

1 / 68
http://sb.sftwr.ru/MadTracker_Setup.exe  (mt261_full.exe)

3 / 68      (inconclusive)
http://sb.sftwr.ru/AdwCleaner_Rus_Setup.exe  (adwcleaner_5.101.exe)

0 / 68
http://sb.sftwr.ru/Adobe_Flash_Player_Opera_Chromium.exe  (flashplayerinstaller.exe)

0 / 68
http://sb.sftwr.ru/Adobe_Flash_Player_Firefox.exe  (adobe flash player21.0.0.197.exe)

0 / 68
http://sb.sftwr.ru/PrivateTunnel_Setup.exe  (privatetunnel-win-2.4.exe)

0 / 68
http://sb.sftwr.ru/LockHunter_x32_Setup.exe  (lockhuntersetup32_2-0-beta2.exe)

1 / 68      (inconclusive)
http://sb.sftwr.ru/VLC_MediaPlayer_x32_Rus_Setup.exe  (vlc-2.2.2-win32.exe)

0 / 68
http://sb.sftwr.ru/PixBuilderStudio_Rus_Setup.exe  (pixbuilder_setup.exe)

5 / 68      (inconclusive)
http://sb.sftwr.ru/InstAllAPK_Rus_Setup.exe  (8a1e5d8f5c75573aa2deaf249e790771)

0 / 68
http://sb.sftwr.ru/WinRAR_x64_Rus_Setup.exe  (winrar-x64-531ru.exe)

0 / 68
http://sb.sftwr.ru/Warface_Rus_Loader.exe  (warfaceloader_0bede50cc7f273f4bd984b99ef917452.exe)

 
Latest 30 of 140 download URLs

The following 7 files have been seen to comunicate with sb.sftwr.ru in live environments.

TCP » 85.10.196.94:80
SoftobaseUpdater_2.0.exe (Softobase Updater)

TCP » 178.63.40.158:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 85.10.196.94:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 85.10.196.94:80
installpack.exe

TCP » 85.10.200.21:80
directx_9.10.11.exe

TCP » 85.10.200.21:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 178.63.40.158:80
installpack.exe

TCP » 178.63.40.158:80
installpack.exe

TCP » 85.10.196.94:80
installpack.exe

TCP » 85.10.196.94:80
installpack.exe

TCP » 85.10.200.21:80
SoftobaseClient.exe (SoftobaseClient by Microsoft)

URL:
http://sb.sftwr.ru/

Web server:
nginx/1.9.10

besplatnyeprogrammy.ru

dl-softobase.com

freeversion.ru

freeversions.ru

installpack.net

installpack.ru

moiprogrammy.net

moywot.ru

sftcdn.ru

sftpps.ru

sftsrv.ru

soft-apps.ru

softcdn.ru

softfiles.ru

softhome.ru

softmen.ru

softobase.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.