home

cheatengine.org

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain cheatengine.org is registered by proxy through eNom, Inc.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Registrar:
eNom, Inc.

Server location:
Quebec, Canada (CA)

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.

Whois:
3 cheatengine.org records

Scanner detections:
Detections  (55% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/HackTool.CheatEngine.AB (variant), Win32/OpenCandy, Win32/Somoto (variant), Win32/HackTool.CheatEngine.AA (variant), Win32/HackTool.CheatEngine.AF potentially unsafe (variant)
69.23%

Reason Heuristics
PUP.BetterInstaller.Somoto.N, PUP.OpenCandy.Installer (L), PUP.CheatEngine.Bundler.Installer.Meta (L), PUP.SomotoLimited.c, PUP.Somoto.Bundler (M)
53.85%

Avira AntiVirus
Adware/OpenCandy.AC, APPL/Somoto.Gen2, SPR/Linux.CEngi.a.7, SPR/SystemCall.AA.21, Adware/OpenCandy.A.209, APPL/Somoto.hzit
50.00%

Sophos
CheatEngine, Somoto BetterInstaller, Generic PUA LL, OpenCandy
42.31%

Dr.Web
Adware.Somoto.17, Trojan.MulDrop3.49526, Adware.Downware.2013, Trojan.NtRootKit.12823, Trojan.Packed.27732, Trojan.Packed.28357
42.31%

NANO AntiVirus
Trojan.Win32.Somoto.bdrgmf, Trojan.Win32.CheatEngine.xmvtu, Trojan.Win32.CheatEngine.xrokk, Trojan.Win32.CheatEngine.xromz, Riskware.Win32.Downware.digcac
38.46%

Baidu Antivirus
Trojan.Win32.Agent, HackTool.Win32.CheatEngine, HackTool.Win32.SystemCall, Hacktool.Win32.CheatEngine, Hacktool.Win32.SystemCall
34.62%

VIPRE Antivirus
BetterInstaller, Trojan.Win32.Malware, Trojan.Win32.Generic!SB.0, Threat.4150696
34.62%

Vba32 AntiVirus
Hoax.Blocker, Backdoor.Agent, Worm.AutoRun, TrojanPSW.Agent
30.77%

McAfee
Artemis!2BDAC3BCDE5E, Artemis!FAC1B9385DF0, Artemis!D307D08783B8, Artemis!9EB749499F45, Artemis!89C1AE5084C1, Artemis!12FECF733254
30.77%

Trend Micro House Call
TROJ_GEN.F47V0715, HV_SOMOTOBETTERINSTALLER_CH1600A1.UVPA, TROJ_SPNR.0CKG11, TROJ_GEN.F47V0623, TROJ_GEN.R047H05AR14, ADW_OPENCANDY
30.77%

Bkav FE
W32.Clod6d7.Trojan, W32.Clod12f.Trojan, W32.Clodf7a.Trojan, W32.Clod4f5.Trojan, W32.Clod628.Trojan, W32.Clod1b5.Trojan, W32.Clodd63.Trojan
30.77%

AVG
Worm/Generic2, Somoto, OpenCandy
30.77%

K7 AntiVirus
Unwanted-Program , Trojan , Riskware , Hacktool , Adware
26.92%

SUPERAntiSpyware
Adware.Somoto, PUP.Somoto/Variant
23.08%

The domain cheatengine.org has been seen to resolve to the following IP address.

174.142.61.111
cheatengine.org
December 4, 2013

File downloads found at URLs served by cheatengine.org.

0 / 68
http://cheatengine.org/.../CheatEngine.apk  (onhax.cheatengine.google.guy..apk)

0 / 68
http://cheatengine.org/download/.../CheatEngine63.exe  (5f90db63b27e328535209fc8100c7742)

1 / 68      (Adware)
http://cheatengine.org/.../CheatEngine64_downloader-5k5pfkgu.exe  (3851e7c3dc4fb094d1171807ed5eb4c1)

16 / 68    (Malware)
http://cheatengine.org/.../CheatEngine55.exe  (cheat.exe)

0 / 68
http://cheatengine.org/.../tutorial_de.zip  (7b0c07b83dca1b8acd64af92b7b20f2d)

0 / 68
http://cheatengine.org/.../forcedinjection.rar  (9f368877-8c6b-fba8-8d0a-075c8f448150_1d1cd2790bb0d18)

12 / 68    (Adware)
http://cheatengine.org/.../CheatEngine63_downloader-Q7fiowua4.exe  (filedownloadedsuccessfully_downloader-n9ozn5uze.exe)

0 / 68
http://cheatengine.org/.../ru_RU.rar  (dd2cc95b-44dc-f2ee-8095-48344fd64d3f_1d1c254f9b8e5b0)

0 / 68
http://cheatengine.org/.../CheatEngine651NoSetup.rar  (de24fa47f42be6b4020b8c43d5a2b35f)

0 / 68
http://cheatengine.org/.../CheatEngine62src.rar  (f1aacf03ae46809db8c487a116914296)

0 / 68
http://cheatengine.org/.../monodatacollector.rar  (c5753ccd9df25bbe5043c9be0a6eadac)

0 / 68
http://cheatengine.org/.../CheatEngine65NoSetup.rar  (fe566c1af5b3e496d9349222f4888be7)

12 / 68    (Adware)
http://cheatengine.org/.../CheatEngine64_downloader-QaSjPfQ2a.exe  (00000000)

1 / 68      (Adware)
http://cheatengine.org/.../CheatEngine63_downloader-I4Xt0of3k.exe  (flvplayer_downloader-n6jcjcm2q.exe)

1 / 68      (Adware)
http://cheatengine.org/.../CheatEngine64_downloader-IceUSrz6K.exe  (23550bbf859801ce45294ae99c7b4a51)

0 / 68
http://cheatengine.org/.../pl_pl.rar  (e798761268b96ab2b435603cf00d8384)

0 / 68
http://cheatengine.org/.../ch_cn.zip  (84b64abf111d5ba427376a0fc9587892)

0 / 68
http://cheatengine.org/.../CEMacApril2012.zip  (5a37a732c8402bc15538a3cafcd6e67b)

2 / 68      (inconclusive)
http://cheatengine.org/.../CheatEngine63.exe  (b5b19564671b4573dd34add81386a176)

2 / 68      (Malware)
http://cheatengine.org/.../CheatEngine64src.rar  (c3060046ddd96dff4bead30b134f35ae)

2 / 68      (PUP)
http://cheatengine.org/.../CheatEngine64Beta2.exe  (29a5e3a49c0f72409d226f4f838f2972)

22 / 68    (Adware)
http://cheatengine.org/.../CheatEngine63_downloader-I1Evsmcy8.exe  (bb7c5e153d6f08e9076c419eae843d0d)

26 / 68    (Adware)
http://cheatengine.org/.../CheatEngine63_downloader-I3QD7VDhi.exe  (3a73375054e8b5e20b571b4a7ca96310)

10 / 68    (PUP)
http://cheatengine.org/.../CheatEngine60.exe  (9eb749499f455057dc185fb21ba7b96a)

3 / 68      (PUP)
http://cheatengine.org/download/.../CheatEngine62.exe  (2c29f92204d8fe08c6c69e753f541a5e)

20 / 68    (Adware)
http://cheatengine.org/.../CheatEngine63_downloader-I0UvFYI82.exe  (21dba3ef1ad019eb1a88ab518c3aaf2f)

11 / 68    (PUP)
http://cheatengine.org/.../CheatEngine56.exe  (89c1ae5084c1823e5472b648f84dc2d5)

6 / 68      (PUP)
http://cheatengine.org/.../CheatEngine61.exe  (cheat engine 6.1.exe)

11 / 68    (PUP)
http://cheatengine.org/.../CheatEngine561.exe  (225331-652587-cheat-engine.exe)

19 / 68    (Adware)
http://cheatengine.org/download/.../CheatEngine62.exe  (CheatEngine63.exe)

 
Latest 30 of 46 download URLs

The following 6 files have been seen to comunicate with cheatengine.org in live environments.

TCP » 174.142.61.111:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 174.142.61.111:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 174.142.61.111:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 174.142.61.111:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 174.142.61.111:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 174.142.61.111:80
uran.exe (Uran by uCoz Media and Chromium Authors)

September 10, 2015
forum.cheatengine.org

December 27, 2013
mirror1.cheatengine.org

April 20, 2014
mirror2.cheatengine.org

May 13, 2014
mirror3.cheatengine.org

December 23, 2015
urgay.forum.cheatengine.org

April 23, 2014
www.cheatengine.org

August 8, 2016
www.forum.cheatengine.org

URL:
http://cheatengine.org/

Google Analytics:
UA-6655534

Title:
“Cheat Engine”

Web server:
lighttpd/1.4.35 (PHP/5.1.6)

Facebook:
Likes:  3,596
Shares:  23,930
Comments:  6,140

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.