The domain download.mobogenie.com registered by Beijing Gamease Age Digital Technology Co., Ltd. was initially registered in November of 2012 through HICHINA ZHICHENG TECHNOLOGY LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrant:
Beijing Gamease Age Digital Technology Co., Ltd.
Registrar:
MARKMONITOR INC.
Server location:
Virginia, United States (US)
Create date:
Wednesday, November 28, 2012
Expires date:
Tuesday, November 28, 2017
Updated date:
Wednesday, December 24, 2014
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (91% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.X, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.Y, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.W, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.T, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.Installer
95.24%
Dr.Web
Trojan.Siggen6.685, Adware.NextLive.2, Adware.NextLive.1
76.19%
ESET NOD32
Win32/NextLive, Win32/Mobogenie
57.14%
IKARUS anti.virus
Virus.Win32.Heur, Nsis, AndroidOS.Mobo.B, Win32.NextLive, AdWare.AndroidOS.Mobserv, Win32.SuspectCrc, AndroidOS.AdWare.Mobserv
54.76%
Trend Micro House Call
TROJ_GEN.F47V0109, TROJ_GEN.F47V0203, TROJ_GEN.F47V0313, TROJ_GE.0ADD1E3E, ADW_NEXTLIVE, TROJ_GEN.F47V0228, TROJ_GEN.F47V0131, TROJ_GE.45BAB8AA, TROJ_GEN.F47V0414
52.38%
NANO AntiVirus
Trojan.Win32.NextLive.csjhvj
50.00%
Rising Antivirus
JS:Malware.OddJS!5.3E, NS:Malware.Install!1.9F62, PE:Trojan.Win32.Generic.16594EEF!374951663
47.62%
Vba32 AntiVirus
AdWare.Agent, AdWare.Agent.ahgx
42.86%
VIPRE Antivirus
Adware.Agent, Trojan.AndroidOS.Generic.A, Trojan.Win32.Generic
40.48%
avast!
NSIS:NextLive-A [Adw], Win32:PUP-gen [PUP]
40.48%
McAfee
Artemis!579FB275EA7B, Artemis!9EEEA3B146EE, Artemis!55CB320CF560, Artemis!38F10675DB8B, Artemis!9AC092FDBC7B, Artemis!5D029508FF58
38.10%
Comodo Security
ApplicUnwnt, ApplicUnwnt.Win32.NextLive.~A
35.71%
Kaspersky
not-a-virus:AdWare.Win32.Agent, not-a-virus:HEUR:RiskTool.AndroidOS.Mobogen
30.95%
Malwarebytes
PUP.Optional.NextLive.A
30.95%
Fortinet FortiGate
Android/DriveGenie.A!tr, Adware/Agent, Riskware/Mobogenie
28.57%
The domain download.mobogenie.com has been seen to resolve to the following 107 IP addresses.
server-52-84-125-32.iad16.r.cloudfront.net
July 23, 2016
server-52-84-125-200.iad16.r.cloudfront.net
July 23, 2016
server-52-84-125-176.iad16.r.cloudfront.net
July 23, 2016
server-52-84-125-149.iad16.r.cloudfront.net
July 23, 2016
server-52-84-125-142.iad16.r.cloudfront.net
July 23, 2016
server-52-84-125-104.iad16.r.cloudfront.net
July 23, 2016
server-52-84-125-74.iad16.r.cloudfront.net
July 23, 2016
server-52-84-125-51.iad16.r.cloudfront.net
July 23, 2016
server-52-85-142-109.iad12.r.cloudfront.net
June 8, 2016
server-52-85-142-79.iad12.r.cloudfront.net
June 8, 2016
server-52-85-142-58.iad12.r.cloudfront.net
June 8, 2016
server-52-85-142-14.iad12.r.cloudfront.net
June 8, 2016
server-52-85-142-214.iad12.r.cloudfront.net
June 8, 2016
server-52-85-142-201.iad12.r.cloudfront.net
June 8, 2016
server-52-85-142-196.iad12.r.cloudfront.net
June 8, 2016
server-52-85-142-151.iad12.r.cloudfront.net
June 8, 2016
server-52-85-131-74.iad53.r.cloudfront.net
June 5, 2016
server-52-85-131-68.iad53.r.cloudfront.net
June 5, 2016
server-52-85-131-15.iad53.r.cloudfront.net
June 5, 2016
server-52-85-131-7.iad53.r.cloudfront.net
June 5, 2016
server-52-85-131-220.iad53.r.cloudfront.net
June 5, 2016
server-52-85-131-210.iad53.r.cloudfront.net
June 5, 2016
server-52-85-131-189.iad53.r.cloudfront.net
June 5, 2016
server-52-84-125-182.iad16.r.cloudfront.net
June 3, 2016
server-52-84-125-171.iad16.r.cloudfront.net
June 3, 2016
server-52-84-125-157.iad16.r.cloudfront.net
June 3, 2016
server-52-84-125-147.iad16.r.cloudfront.net
June 3, 2016
server-52-84-125-54.iad16.r.cloudfront.net
June 3, 2016
server-52-84-125-50.iad16.r.cloudfront.net
June 3, 2016
server-52-84-125-36.iad16.r.cloudfront.net
June 3, 2016
Showing 30 of 107 IP Addresses
File downloads found at URLs served by download.mobogenie.com.
Latest 30 of 44 download URLs
The following 647 files have been seen to comunicate with download.mobogenie.com in live environments.
URL:
http://download.mobogenie.com/
Network:
Amazon Cloudfront