» get-mp3.net
Overview
Analysis
IPs Addresses (1)
Downloads (8)
Network (46)

get-mp3.net

Domain Information

Server location:

California, United States (US)

ASN:

AS26008 NOMINUM-SKYE1 - SKYE

Scanner detections:

Malware distribution (88% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Optional.MailRu.a, Win32.Generic.MailRu.Meta

100.00%

Dr.Web

Adware.Downware.915, Trojan.DownLoader11.6514

14.29%

avast!

Win32:PUP-gen [PUP]

14.29%

VIPRE Antivirus

Threat.4790240

14.29%

Microsoft Security Essentials

Threat.Undefined

14.29%

ESET NOD32

Win32/LoadMoney.AE potentially unwanted application

14.29%

F-Prot

W32/LoadMoney.B.gen

14.29%

AVG

Adware Generic5.AHMZ

14.29%

Clam AntiVirus

Win.Trojan.Agent-470993

14.29%

MicroWorld eScan

Gen:Application.LoadMoney.1

14.29%

Quick Heal

TrojanDownloader.LMN.A7

14.29%

McAfee

Adware-FSV

14.29%

Malwarebytes

PUP.Optional.LoadMoney

14.29%

K7 AntiVirus

Dialer

14.29%

Agnitum Outpost

PUA.Downloader

14.29%

The domain get-mp3.net has been seen to resolve to the following IP address.

search.dnsassist.verizon.net

July 10, 2014

File downloads found at URLs served by get-mp3.net.

1 / 68 (Malware)

http://get-mp3.net/MTc5ODtodHRwJTNBJTJGJTJGZmlsZS54bXVzaWMubWUlMkZtcDMlMkYxOTM5ODk5MjMlMkY3OTE1MjUxJTJGMTQwMjI4Mjk0OCUyRjY2YTFkMWMxOGUlMkZOaW5hX1NpbW9uZV8tX0Rvbl90X0xldF9NZV9CZV9NaXN1bmRlcnN0b29kX09TVF9DSHRvX3R2b3J5YXRfbXV6aGNoaW55XyUyOHhNdXNpYy5tZSUyOS5tcDM7bmFtZT1OaW5hX1NpbW9uZV8tX0Rvbl90X0xldF9NZV9CZV9NaXN1bmRlcnN0b29kX09TVF9DSHRvX3R2b3J5YXRfbXV6aGNoaW55XyUyOHhNdXNpYy5tZSUyOS5tcDM7c2l6ZT0zNjEwMjU2O3R5cGU9YXVkaW8= (nina_simone_-_don_t_let_me_be_misunderstood_ost_chto_tvoryat_muz.exe)

1 / 68 (Malware)

http://get-mp3.net/MTEzNDtodHRwJTNBJTJGJTJGc3RyZWFtLmdldC10dW5lLm5ldCUyRmxpc3RlbiUyRjg0NjMwOTg3JTJGMjg0NTI0NiUyRjE2MDI3MDcyMTglMkY5OTkyNGNhY2YwYTVhZDcxJTJGTWVsb2RpY19Ccm90aGVyc18tX0lkZWFsX011c2ljX0Zvcl9TZXhfJTI4Z2V0LXR1bmUubmV0JTI5Lm1wMztuYW1lPU1lbG9kaWNfQnJvdGhlcnNfLV9JZGVhbF9NdXNpY19Gb3JfU2V4XyUyOGdldC10dW5lLm5ldCUyOS5tcDM7c2l6ZT0zMjQ5MzAyO3R5cGU9YXVkaW8= ({blocked}.exe)

0 / 68

http://get-mp3.net/MTEzNDtodHRwJTNBJTJGJTJGc3RyZWFtLmdldC10dW5lLm5ldCUyRmZpbGUlMkYxMzI2Mjk5NTAlMkYxNTM3NTEzOTUlMkYzNjQ1MDIyMTQwJTJGMjllYzQxOThjODcyNDc2MyUyRktsdWJuYXlhX211emlrYV8tX25vdmlua2lfMjAxM18lMjhnZXQtdHVuZS5uZXQlMjkubXAzO25hbWU9S2x1Ym5heWFfbXV6aWthXy1fbm92aW5raV8yMDEzXyUyOGdldC10dW5lLm5ldCUyOS5tcDM7c2l6ZT04ODQyNTgxO3R5cGU9YXVkaW8= (klubnaya_muzika_-_novinki_2013_get-tune_net.exe)

1 / 68 (Malware)

http://get-mp3.net/MTEzNDtodHRwJTNBJTJGJTJGc3RyZWFtLmdldC10dW5lLm5ldCUyRmxpc3RlbiUyRjE1NzM2MzU5NSUyRjg5NTExMTQ2JTJGMjk1OTYwNTkzMCUyRjYwNmQ5MTUyODc2MWZiYjclMkZNaWhhaWxfQnVibGlrXy1fSV9idWRldF9zdmV0bG9fSV9CdWRldF90ZXBsb18lMjhnZXQtdHVuZS5uZXQlMjkubXAzO25hbWU9TWloYWlsX0J1Ymxpa18tX0lfYnVkZXRfc3ZldGxvX0lfQnVkZXRfdGVwbG9fJTI4Z2V0LXR1bmUubmV0JTI5Lm1wMztzaXplPTkzODc5MzI7dHlwZT1hdWRpbw== (mihail_bublik_-_i_budet_svetlo_i_budet_teplo_get-tune_net.exe)

1 / 68 (Malware)

http://get-mp3.net/MTc5ODtodHRwJTNBJTJGJTJGZmlsZS54bXVzaWMubWUlMkZtcDMlMkYxNjk1MjQ1MzElMkYxMzUxNjQ4MjglMkY3NzkzMDU3NjMlMkZhM2JmOWE1OTk3JTJGS2xhc3NpY2hlc2theWFfTXV6eWthX0RseWFfRGV0ZWpfLV9Wb2xmZ2FuZ19BbWFkZWpfTW9jYXJ0X2lncnlfZGx5YV9kZXRlal8lMjh4TXVzaWMubWUlMjkubXAzO25hbWU9S2xhc3NpY2hlc2theWFfTXV6eWthX0RseWFfRGV0ZWpfLV9Wb2xmZ2FuZ19BbWFkZWpfTW9jYXJ0X2lncnlfZGx5YV9kZXRlal8lMjh4TXVzaWMubWUlMjkubXAzO3NpemU9NzQxOTI1MTt0eXBlPWF1ZGlv (klassicheskaya_muzyka_dlya_detej_-_volfgang_amadej_mocart_igry_d.exe)

1 / 68 (Malware)

http://get-mp3.net/MTEzNDtodHRwJTNBJTJGJTJGc3RyZWFtLmdldC10dW5lLm5ldCUyRmxpc3RlbiUyRjEzNDc1Nzg3NCUyRi0zMTUzNTQ2MSUyRjc4NzI1NTQwMCUyRjZlMTg4YjhmNDJkOTE5OWYlMkZCdW1lcl8tX25lX3BsYWNoXyUyOGdldC10dW5lLm5ldCUyOS5tcDM7bmFtZT1CdW1lcl8tX25lX3BsYWNoXyUyOGdldC10dW5lLm5ldCUyOS5tcDM7c2l6ZT05NDQ3MjgxO3R5cGU9YXVkaW8= (bumer_-_ne_plach_get-tune_net.exe)

1 / 68 (Malware)

http://get-mp3.net/MTEzNDtodHRwJTNBJTJGJTJGc3RyZWFtLmdldC10dW5lLm5ldCUyRmxpc3RlbiUyRjIxMDgyMjU1OSUyRjE0MzgxODM2NiUyRjE1OTk1MTM5NzElMkZkYzFiMGJiN2M3M2Q1NDNmJTJGSGFuZGVfWWVuZXJfLV9ZYV9ZYV9ZYV9ZYV8lMjhnZXQtdHVuZS5uZXQlMjkubXAzO25hbWU9SGFuZGVfWWVuZXJfLV9ZYV9ZYV9ZYV9ZYV8lMjhnZXQtdHVuZS5uZXQlMjkubXAzO3NpemU9NzYyNjg0MDt0eXBlPWF1ZGlv (hande_yener_-_ya_ya_ya_ya_get-tune_net.exe)

33 / 68 (PUP)

http://get-mp3.net/MTEzNDtodHRwJTNBJTJGJTJGc3RyZWFtLmdldC10dW5lLm5ldCUyRmxpc3RlbiUyRjEzNzc3NTAyOSUyRjM0NzIwMzMlMkYzMTYyOTE3NDg5JTJGMWMzNjlhYWM2MWM4OTQxYSUyRlNhbXN1bmdfLV9UaGVfZmxvb3JfJTI4Z2V0LXR1bmUubmV0JTI5Lm1wMztuYW1lPVNhbXN1bmdfLV9UaGVfZmxvb3JfJTI4Z2V0LXR1bmUubmV0JTI5Lm1wMztzaXplPTgzMDc0ODI7dHlwZT1hdWRpbw== (samsung_-_the_floor_get-tune_net.exe)

The following 46 files have been seen to comunicate with get-mp3.net in live environments.

TCP » 199.101.28.20:80

suggestions.crx

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

google-search.crx

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

Latest 20 of 46 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.