Download
Community
knowledgeBase
» a.safegamescat.work
Overview
Analysis
IPs Addresses (8)
Downloads (11)
Network (3)
a.safegamescat.work
Domain Information
Server location:
Oregon, United States (US)
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US
Root domain:
safegamescat.work
Analysis
Scanner detections:
Malware distribution (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Optional.PCUtilities.Task.Meta (M), Threat.Win.Reputation.IMP
100.00%
F-Secure
Gen:Variant.Adware.MPLug
9.09%
Emsisoft Anti-Malware
Gen:Variant.Adware.MPLug.50
9.09%
ESET NOD32
Win32/Adware.MultiPlug.MN application
9.09%
Avira AntiVirus
TR/Crypt.XPACK.Gen
9.09%
Norman
Gen:Variant.Adware.MPLug.50
9.09%
Malwarebytes
PUP.Optional.MultiPlug
9.09%
avast!
Win32:MultiPlug-AAE [PUP]
9.09%
IPs Addresses
The domain a.safegamescat.work has been seen to resolve to the following 8 IP addresses.
52.27.128.56
ec2-52-27-128-56.us-west-2.compute.amazonaws.com
April 10, 2016
52.27.128.62
ec2-52-27-128-62.us-west-2.compute.amazonaws.com
April 10, 2016
52.27.128.59
ec2-52-27-128-59.us-west-2.compute.amazonaws.com
April 10, 2016
52.25.121.207
ec2-52-25-121-207.us-west-2.compute.amazonaws.com
June 26, 2015
52.26.142.237
ec2-52-26-142-237.us-west-2.compute.amazonaws.com
June 26, 2015
52.26.130.111
ec2-52-26-130-111.us-west-2.compute.amazonaws.com
June 26, 2015
54.68.13.248
ec2-54-68-13-248.us-west-2.compute.amazonaws.com
June 19, 2015
54.200.195.191
ec2-54-200-195-191.us-west-2.compute.amazonaws.com
June 19, 2015
Downloads
File downloads found at URLs served by a.safegamescat.work.
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=FpfMQLihs/M wysurpaJ4Ny7XGJTXgAILHC0pdidLic4vWzo4JiFqJ82mXYHMH8dXXrIpwJdhmPLoTtyxRtKVOTpMAwbNkpYCZVLLjrKjxEhGE4sobf0UTJVKRJKANRi2ZFP4yl neWfID64nlwJ4ww5kZHZFMNdPIlW9ecTse5w37YKg8N1J4WFrXsGawFtBd3 k3ncHj6QHwM8HYHQT6dOLxeN8cPaeqCPc9c1gZxzXwfEgheCQ2I Z7SJPhaeRoBP/VjN7dnErL/9D/.../wEdgfs5WlDkCDj dnSTmSnjMgpvvDtWH kGrrvuKB7MDM
(superhuman ft chris brown.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=M/k79xYQA0Mq8UMOQIyxLa9 o2u3foy lC vFHFO7b8frObSBG8ob6KaRzbYiKD2u5dibG4eyJFPuR3NaUzBJhAe1nFPd8 0SEADOjizJjiYxqyLzaj/f7IqmjgogDi/.../qOkr2SZDtInWX0GA0fQW1MZ45RafdQjwwRJVZEHtbOp4U2w1UcJ1YoztMURxJgSKfbsrhYXMYnmdO
(waterworld.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=0izaKm2fYuuadefABCV5FIAbAMohbqtbBlgnX4MiFFWjSMNHMWvVLZBiwNLNat7jxWt9gNZliwQwCf9j9vjaRbvI5k7EUqY bK5HGE1AGm4x038Ar6tuek/HZWNt42KxgnI3yoCmz3P37sHWyKvq0mIQjPUcS0WDuQtsvWFGFsQIlVqEKVT82Rcq VU/oYYlITHqGYnJK3ND3UtzwN/vEQrcVv6n8lON9crx8vIC32KdwjD6sZN8nUrYjgsGR472WWtmN6JJc939GDP5u2jmUj M D04P3Tps8 WmwFtlVtsqYwIJwTiIw2p5ujv5k7Eb3PSjt5z9mzPmTyxbCig46xvmyVkN sy0RZMSHh6/pcq9arr/VeOHVGUCTL79jYiAnIbDCYB3h5Jm1DAZZ 28ZRqlJGRzQI K062X5JxRQnH6wxJspqUnci197eKr9uaLHrI4PQKLgWkQ3IV51l/.../ueg 2BTXxBFSPhCT7Aoytsv2yD7Iwt 1IdiO0i
(exam ref 70-532 - developing microsoft azure solutions.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=R5XF6/tgs6o3uikg01AwjUpp14Af8zTCAGX4WWtlkE/JRdB4LctvaGaRzHGvbqxfEYfzr2yMEvk5 KLnsTv14GdOjROaL8aOAgIDst0u YJHROkGQLcKnVr8U3f/DqfcaJOzCgRd3SgmV7wbqbaJZJgGEW9Uh89oVMDrgZ5WIjGPrXwPvuUrWo3wHS10nPDJYepm4zT9x BW1jjJ0EHkcBY5wIfRaSK7HlX55j/FqZOX9FZ0OM19LZwmkSwRuG7vgVVW6O6ZBwZA2M6nhcCRoOUzCZO0Nz52cMOUfbgkfg0LyNRA8DfB/NJEKciuDENDzpYj6grMv2lozCPyTey1EfySMBVG5ctbaMUeZ4RGJZXGaX9PcZVKrt/MlD2 RE1l4LrwG6dI2Y /Dqe6PCUq7w6kbK7Y2z6ROyTL6x6pKC/cKOLSTvr8NyebgXV9ALAqxvmhxOWC rxY MwDJDbzzCloHVGObjH4DwMw xazBntftxV2rw77jDeRSVg4 XgEv0hZxlfwPO1CUAaHxjPRiuWRC9VWjgnVi1Z9xseBCHp1ARMLXtsCE0jYSaAqUiLKchS/ MFEF3wG9l9NJBWpki49 Nn91cWhOEIEr8QXqm4QG4OYqWvyLcqjwFpV3WV/.../CGpcn
(exam ref 70-533 - implementing microsoft azure infrastructure solutions pdf.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=40AObsPE2qDuVvqomj3Ncus477TtGZMgLbYjej9l ida9H2qYidU3r4YiL73eIZ3xs3BIFGjLIwljiKbahlSBzw9r5dDewRWyovXXrSW5bXh1/KwrK8TCgcHZrqSVAgS9EV9rfCys6iIc57Ndmg0UG/dhUX38kzTatYYuK3cWOFGo1tQk5tjtAYy8Lf1FHPvH0Jid2yNNBohlqj7Kt9o/.../AcP69NW z7R4Mky2wFVeOwNAqZ54vPHEOIMmLcWHO0t0p93qpNKoiGEkBSlzfH7N6DGIjTnW4fKIfI1ACJmbUzovnWGYUO3rRIvjLjBr2U3O78uC1haNCYhRObOHmJ9dM9ypMrQfpULSvqrF5rYxO2
(game of thrones s02 720p bluray x264 shaanig.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=/vn5yT5YcokSSvqomj3NwL zjFHmLAVrJwf6q2xkYnmWZflWbShcmvXRh/MvgdcTSYGT6f/eDNx9gaf kBngV/KBTBk80ilRhhVr8nH1PpikP2YcspAQ5fThIBPakrt/qEYDUHOqzwlR9S5tEnQCZev/.../IwaS8wedW5hZ 390pjXMQQo8UdbipFkE2xMw1KH1dRUx6Vx7iUTC3eO3
(download.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=5Ps1LlXSlYq ikg012B0dZZeKgm/SBpJhvdzNt9fs4Q5JTlNp ZyrCuCfsw2/GQaBEa9cZLuavXnhhKZr6glVAvqdkpiB521DxI9ydifUbCnN cFx2Bj9676RirVUpgYuPuU1VMPD3m65a0oTLKbhuCwYHIXZ16/hEt1v/.../tmKRiwVZcGRCOjgwAvUMEyIdYUpkGANOL7oWxvtJbjA6iwJLSdYO983px6YmqHfwr
(quake 2.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=K56N1wDYaP L45678Udax1kWQChtJmCXg/lz4hBbkZ0P33gRmrKpAHyCmoIJ9oB7qeKKMozl9EuSWqc20PRba0m6y z48CapxI T10F0HuOUshXFVY/.../iqNy Edhwy3lpzIBrS3y7PH8xooOKzlLmY75vrw7Ff0YbFxVXypnqeudN85rmTsXgwcJJDZIYXP6jivALAf76NSa97Dh2QAKJN3xTK6
(download.exe)
1 / 68 (PUP)
http://a.safegamescat.work/hp/?q=iAcYUBVJ28I82TVNPRx w d8Ocx9Mg pmyacPOFYQLevYhYQwN6aHg7MuwT9EYRGvRudatKfN3imVw2YPIerYRXG96rlst6EUm6cLwZNnK/t1cwmqE5s Ru47gF9Z4XuGVnlNaPz/.../TlDJOqW6KGvSyRThFPUUqnuMeBZK2F dGE KG48KCN6Eo5RBIXjhF23OSJ QiZb
(the.wedding.ringer.2015.1080p.brrip.x264-yify.exe)
1 / 68 (Malware)
http://a.safegamescat.work/hp/?q=Sz6N1He63aaQcomjlh5p2JQ5CnVcdg12W/GKm9W5ragsZ7adsLqk2r93l933reOgkzUIAvUhsI5cE0PB0ULeOawW/gpGZ5anfkTEN6okDq4eIXbKK6vcgxreI5Gfo1Nz9juM8TnObN0jPOiw1BVYUfuxLxfqdgyWS4cGwuWBWLIq1nQenxCuMK5NMD5eRLACHBUOXc82cZMqEiv7E4DJCvgmrgtzwNWoXX1dMLFMlz1McyIKzflzwAojuSuYiHNIpbyk5Ebur/xKhkKUxIYhzWvqe/UvkHBV7COf4iYWMpY6izh2lsUv5kfNgcbl1Gahys iHHm9QHMVk6luM2SPVAfNhE3KGPhSny93kGRdQxZUNjN3l92xAIOtaWHo4ib2Wo19jTDI5kDFEzx0N8f5kJxmTEttz6uv8vD038hP72EV/paBa3vIfl/GP2L5P1nMnG8ycEMYAJzS 9LE/jfp0f1wlDj/tcsS4fhiHVqp2PxL0R uBqsRObAQfqtlHg/mR/.../4WzyowYz7Ot9o5r0FGzDgzYd0c0 H4Bd8zJHiiazDIZj8Xk9r4kGCQHIfsSaSs7TW9uS7GdJqhipJUqxMPPIQnSxpHsyQ6HmEeWa1TDiKA5b2TAGego7b76Dm9mZc
(el nio 44 _ tom rob smith _ varios formatos _ ul.exe)
8 / 68 (PUP)
http://a.safegamescat.work/hp/?q=my7P2qohdYpaBCDWYSJTi4F49AngaIZ3cmaUvjXk49T/HZsur9sKl2O 9ZGUaAZno1W1g2hf6gvYG0NzCpRKLJyCEDU59ZKJdbbf9RhPU0Nk3h7fAJVrK8xHuYE7AXqmy4Ib4i8KZKcbTvhzFqzYUplIJ2HI/hAOJuuXgjbZVO0ZFCwXbKTzmbr4P/.../U7u2PyO
(fix my registry.exe)
Network Communications
The following 3 files have been seen to comunicate with a.safegamescat.work in live environments.
TCP »
52.27.128.56
:80
updating.exe
TCP »
52.27.128.59
:80
download.exe
TCP »
52.27.128.62
:80
updating.exe
TCP »
54.68.13.248
:80
tmp781a.tmp
X