gg.gg

Domain Information

Server location:
Overijssel, Netherlands (NL)

Scanner detections:
Detections  (92% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.ShetefSolutionsConsulting1998.?, PUP.Installer.Amonetizeltd.Y, PUP.Installer.ShetefSolutionsConsulting1998.w, PUP.Installer.ShetefSolutionsConsulting1998.FF, DownloadManager.AirSoftware.F, PUP.Installer.Fileprotected.F, PUP.Installer.Fileadventure.F, PUP.Bundler.Solimba, PUP.Solimba.AppsInst.Bundler (M), PUP.Solimba.Firseria.Bundler (M), PUP.SmartSek.Installer (M), PUP.Solimba (M) | 91.67% |
| Dr.Web | Adware.Downware.1575, Adware.Downware.1655, Adware.Downware.2250, Adware.Downware.2467, Trojan.SMSSend.5375, Adware.Downware.2081 | 75.00% |
| Malwarebytes | PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize, PUP.Optional.Amonetize.A, PUP.Optional.AirAdInstaller, PUP.Optional.Ibryte | 66.67% |
| Avira AntiVirus | ADWARE/Adware.Gen2, Adware/iBryte.bxpg, Adware/iBryte.zline, TR/Crypt.XPACK.Gen, PUA/Firseria.14318.9 | 66.67% |
| McAfee | Artemis!53597284E965, Artemis!311F3AB701D4, Artemis!466A950A6E7B, Artemis!DAD9CD8CC488, Artemis!CE722DA8D641, Artemis!CB11E5706DBD, Adware-Amonetize!BE0E2E71EA9E, Artemis!C5F11D9CC1CD, Artemis!7A2DFD5E723F, Artemis!56937A151C49 | 62.50% |
| VIPRE Antivirus | Amonetize, Trojan.Win32.Generic, Threat.5061940, Threat.4798837, Threat.4782980, LiveSoftAction | 62.50% |
| ESET NOD32 | Win32/Amonetize (variant), Win32/Amonetize.AA (variant), Win32/Amonetize.AD (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant) | 58.33% |
| avast! | Win32:Dropper-gen [Drp], Win32:Amonetize-E [PUP], Win32:Adware-gen [Adw], Win32:Adware-BJY [PUP], Win32:Amonetize-F [PUP] | 54.17% |
| Trend Micro House Call | TROJ_GEN.F47V1214, TROJ_GEN.F47V1118, TROJ_GEN.F47V0102, TROJ_GEN.F47V0116, TROJ_GEN.F47V0130, TROJ_GEN.F47V0219, TROJ_GEN.F47V0227 | 54.17% |
| Fortinet FortiGate | W32/Amonetize.W, Riskware/Amonetize, Adware/Amonetize, W32/Malware_fam.NB, Riskware/Generic.AC.88097, W32/GetNow.I, Riskware/FirseriaInstaller | 45.83% |
| AhnLab V3 Security | PUP/Win32.Amonetiz, PUP/Win32.OutBrowse, PUP/Win32.IBryte, PUP/Win32.Firseria | 45.83% |
| Sophos | Amonetize, Generic PUA PI, AirInstaller, Generic PUA EO, Mal/Inject-CEE, PUA 'Solimba Installer', Live Soft Action | 41.67% |
| G Data | Win32.Trojan.Agent.V3ANE4, Win32.Application.Amonetize, Dropped:Application.OutBrowse, Gen:Variant.Adware.Graftor.165252 | 37.50% |
| IKARUS anti.virus | not-a-virus:Downloader.Win32.Agent, PUA.AirAdInstaller, Trojan-Clicker.BFNI, PUA.FirseriaInstaller | 37.50% |
| Panda Antivirus | Trj/dtcontx.I, Trj/OCJ.D, Adware/AirInstaller, Trj/Genetic.gen, PUP/Multitoolbar | 37.50% |

The domain gg.gg has been seen to resolve to the following 6 IP addresses.

February 22, 2016

February 22, 2016

s1.teamlevel.com
March 1, 2014

67.228.126.164-static.reverse.softlayer.com
February 16, 2014

February 5, 2014

February 5, 2014

File downloads found at URLs served by gg.gg.

1 / 68      (Adware)
http://gg.gg/heq0  (subsonic.exe)

20 / 68    (Adware)
http://gg.gg/h1i1  (setup provided through shanu.exe)

1 / 68      (PUP)

1 / 68      (Adware)
http://gg.gg/valid  (installer.exe)

1 / 68      (Adware)
http://gg.gg/h1i1  (subsonic.exe)

24 / 68    (PUP)
http://gg.gg/yy53  (installer.exe)

0 / 68
http://gg.gg/3tuog  (microsoftautocollagesetup.msi)

1 / 68      (Adware)
http://gg.gg/7a05  (subsonic.exe)

0 / 68
http://gg.gg/h1i1  (setup.exe)

33 / 68    (Adware)
http://gg.gg/h1i1  (subsonic.exe)

40 / 68    (Adware)
http://gg.gg/2kf36  (setup.exe)

13 / 68    (Adware)
http://gg.gg/h1i1  (heu kms activator ch v7.7.rar__3038_i235802093_il1847509.exe)

18 / 68    (Adware)
http://gg.gg/h1i1  (setup.exe)

18 / 68    (PUP)
http://gg.gg/1jxgi  (new hack working 2014.exe)

14 / 68    (Adware)
http://gg.gg/89f4  (malwarebytes__3607_il3141386.exe)

16 / 68    (Adware)
http://gg.gg/89f4  (konica minolta 423 series pcl driver__3038_i191530555_il9833024.exe)

18 / 68    (Adware)
http://gg.gg/h1i1  (setup.exe)

13 / 68    (Adware)
http://gg.gg/h1i1  (download usb hidden copyer pro crack__3039_i462217944_il3346166.exe)

13 / 68    (Adware)
http://gg.gg/89f4  (setup.exe)

10 / 68    (Adware)
http://gg.gg/89f4  (idm 6.18 build 7.exe__3038_i380697998_il2870702.exe)

12 / 68    (Adware)
http://gg.gg/tyha  (setup__2209_il1240.exe)

12 / 68    (Adware)
http://gg.gg/89f4  (for dummies ebooks full colection__3039_i273260150_il137540.exe)

11 / 68    (Adware)
http://gg.gg/h1i1  (chinatown 720p hdtv x264 yify.rar__3515_i370728624_il925897.exe)

12 / 68    (Adware)
http://gg.gg/fmmv  (setup__2209_il1240.exe)

5 / 68      (Adware)
http://gg.gg/89f4  (skyhook wifi hack password 2013 zip registration key__3038_i356390957_il5637585.exe)

12 / 68    (Adware)
http://gg.gg/7a05  (eset nod32 antivirus 6 clé activation license 2013.rar__3515_i141505014_il1093614.exe)

9 / 68      (Adware)
http://gg.gg/gxgr  (skymonkam__2155_il222201.exe)