download.mobogenie.com

Beijing Gamease Age Digital Technology Co., Ltd.

Domain Information

The domain download.mobogenie.com registered by Beijing Gamease Age Digital Technology Co., Ltd. was initially registered in November of 2012 through HICHINA ZHICHENG TECHNOLOGY LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrar:
MARKMONITOR INC.

Server location:
Virginia, United States (US)

Create date:
Wednesday, November 28, 2012

Expires date:
Tuesday, November 28, 2017

Updated date:
Wednesday, December 24, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (91% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.X, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.Y, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.W, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.T, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.Installer
95.24%

Dr.Web
Trojan.Siggen6.685, Adware.NextLive.2, Adware.NextLive.1
76.19%

ESET NOD32
Win32/NextLive, Win32/Mobogenie
57.14%

IKARUS anti.virus
Virus.Win32.Heur, Nsis, AndroidOS.Mobo.B, Win32.NextLive, AdWare.AndroidOS.Mobserv, Win32.SuspectCrc, AndroidOS.AdWare.Mobserv
54.76%

Trend Micro House Call
TROJ_GEN.F47V0109, TROJ_GEN.F47V0203, TROJ_GEN.F47V0313, TROJ_GE.0ADD1E3E, ADW_NEXTLIVE, TROJ_GEN.F47V0228, TROJ_GEN.F47V0131, TROJ_GE.45BAB8AA, TROJ_GEN.F47V0414
52.38%

NANO AntiVirus
Trojan.Win32.NextLive.csjhvj
50.00%

Rising Antivirus
JS:Malware.OddJS!5.3E, NS:Malware.Install!1.9F62, PE:Trojan.Win32.Generic.16594EEF!374951663
47.62%

Vba32 AntiVirus
AdWare.Agent, AdWare.Agent.ahgx
42.86%

VIPRE Antivirus
Adware.Agent, Trojan.AndroidOS.Generic.A, Trojan.Win32.Generic
40.48%

avast!
NSIS:NextLive-A [Adw], Win32:PUP-gen [PUP]
40.48%

McAfee
Artemis!579FB275EA7B, Artemis!9EEEA3B146EE, Artemis!55CB320CF560, Artemis!38F10675DB8B, Artemis!9AC092FDBC7B, Artemis!5D029508FF58
38.10%

Comodo Security
ApplicUnwnt, ApplicUnwnt.Win32.NextLive.~A
35.71%

McAfee Web Gateway
Artemis!579FB275EA7B, Artemis!9EEEA3B146EE, Artemis!55CB320CF560, Artemis!38F10675DB8B, Artemis!9AC092FDBC7B, Artemis!5D029508FF58
35.71%

Jiangmin
Adware/Agent.jcj
33.33%

Kaspersky
not-a-virus:AdWare.Win32.Agent, not-a-virus:HEUR:RiskTool.AndroidOS.Mobogen
30.95%

The domain download.mobogenie.com has been seen to resolve to the following 107 IP addresses.

server-52-84-125-32.iad16.r.cloudfront.net
July 23, 2016

server-52-84-125-200.iad16.r.cloudfront.net
July 23, 2016

server-52-84-125-176.iad16.r.cloudfront.net
July 23, 2016

server-52-84-125-149.iad16.r.cloudfront.net
July 23, 2016

server-52-84-125-142.iad16.r.cloudfront.net
July 23, 2016

server-52-84-125-104.iad16.r.cloudfront.net
July 23, 2016

server-52-84-125-74.iad16.r.cloudfront.net
July 23, 2016

server-52-84-125-51.iad16.r.cloudfront.net
July 23, 2016

server-52-85-142-109.iad12.r.cloudfront.net
June 8, 2016

server-52-85-142-79.iad12.r.cloudfront.net
June 8, 2016

server-52-85-142-58.iad12.r.cloudfront.net
June 8, 2016

server-52-85-142-14.iad12.r.cloudfront.net
June 8, 2016

server-52-85-142-214.iad12.r.cloudfront.net
June 8, 2016

server-52-85-142-201.iad12.r.cloudfront.net
June 8, 2016

server-52-85-142-196.iad12.r.cloudfront.net
June 8, 2016

server-52-85-142-151.iad12.r.cloudfront.net
June 8, 2016

server-52-85-131-74.iad53.r.cloudfront.net
June 5, 2016

server-52-85-131-68.iad53.r.cloudfront.net
June 5, 2016

server-52-85-131-15.iad53.r.cloudfront.net
June 5, 2016

server-52-85-131-7.iad53.r.cloudfront.net
June 5, 2016

server-52-85-131-220.iad53.r.cloudfront.net
June 5, 2016

server-52-85-131-210.iad53.r.cloudfront.net
June 5, 2016

server-52-85-131-189.iad53.r.cloudfront.net
June 5, 2016

server-52-84-125-182.iad16.r.cloudfront.net
June 3, 2016

server-52-84-125-171.iad16.r.cloudfront.net
June 3, 2016

server-52-84-125-157.iad16.r.cloudfront.net
June 3, 2016

server-52-84-125-147.iad16.r.cloudfront.net
June 3, 2016

server-52-84-125-54.iad16.r.cloudfront.net
June 3, 2016

server-52-84-125-50.iad16.r.cloudfront.net
June 3, 2016

server-52-84-125-36.iad16.r.cloudfront.net
June 3, 2016

 
Showing 30 of 107 IP Addresses

File downloads found at URLs served by download.mobogenie.com.

6 / 68      (PUP)

1 / 68      (inconclusive)

1 / 68      (PUP)

1 / 68      (inconclusive)

23 / 68    (PUP)

7 / 68      (PUP)

0 / 68

21 / 68    (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

21 / 68    (PUP)

22 / 68    (PUP)

7 / 68      (PUP)

5 / 68      (PUP)

6 / 68      (PUP)

22 / 68    (PUP)

24 / 68    (PUP)

12 / 68    (PUP)

15 / 68    (PUP)

22 / 68    (PUP)

19 / 68    (PUP)

20 / 68    (PUP)

23 / 68    (PUP)

27 / 68    (PUP)

8 / 68      (PUP)

2 / 68      (PUP)

4 / 68      (PUP)

2 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

 
Latest 30 of 44 download URLs

The following 647 files have been seen to comunicate with download.mobogenie.com in live environments.

 
Latest 20 of 794 files

URL:
http://download.mobogenie.com/

Network:
Amazon Cloudfront

Web server:
AmazonS3