» mybluegames.net
Overview
Analysis
IPs Addresses (6)
Downloads (19)
Network (6)

mybluegames.net

Beni Sanberg

Domain Information

The domain mybluegames.net registered by Beni Sanberg was initially registered in January of 2015 through 1 & 1 INTERNET AG. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.

Registrant:

Beni Sanberg

Registrar:

1&1 INTERNET SE

Server location:

Oregon, United States (US)

Create date:

Tuesday, January 13, 2015

Expires date:

Friday, January 13, 2017

Updated date:

Thursday, February 18, 2016

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Whois:

2 mybluegames.net records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

Threat.Win.Reputation.IMP, PUP.WebPick, PUP.WebPick.AndreyHmelnikov (M)

100.00%

F-Secure

Gen:Variant.Adware.Kazy.552220, Gen:Variant.Adware.Mikey.7658, Gen:Variant.Adware.Mplug

42.11%

ESET NOD32

Win32/Adware.MultiPlug.ES application, Win32/Adware.MultiPlug.EW application, Win32/Adware.MultiPlug.IU application

42.11%

Emsisoft Anti-Malware

Gen:Variant.Adware.Kazy.552220, Gen:Variant.Adware.Mikey.7658, Gen:Variant.Adware.Mplug.36

42.11%

AVG

Adware Generic6.NLT, Adware Generic6.NNN, Adware Generic6.NMV, Adware Generic6.NMF

42.11%

Lavasoft Ad-Aware

Gen:Variant.Adware.Kazy.552220, Gen:Variant.Adware.Mikey.7658, Gen:Variant.Adware.Mplug.36

42.11%

MicroWorld eScan

Gen:Variant.Adware.Kazy.552220, Gen:Variant.Adware.Mikey.7658, Gen:Variant.Adware.Mplug.36

42.11%

McAfee

Multiplug-FVQ, Program.Multiplug-FVQ, Program.MultiPlug-FXP

42.11%

Bitdefender

Gen:Variant.Adware.Kazy.552220, Gen:Variant.Adware.Mikey.7658, Gen:Variant.Adware.Mplug.36

42.11%

Avira AntiVirus

ADWARE/MultiPlug.Gen7, ADWARE/MultiPlug.Gen4, Adware/MPlug.trou, TR/Crypt.XPACK.Gen

42.11%

AhnLab V3 Security

PUP/Win32.MultiPlug

42.11%

G Data

Gen:Variant.Adware.Kazy.552220, Gen:Variant.Adware.Mikey.7658, Gen:Variant.Adware.Mplug.36

42.11%

Vba32 AntiVirus

suspected of Heur.Malware-Cryptor.Multiplug

42.11%

Bkav FE

HW32.Packed, W32.HfsAdware

36.84%

K7 AntiVirus

Unwanted-Program

36.84%

The domain mybluegames.net has been seen to resolve to the following 6 IP addresses.

52.27.128.59

ec2-52-27-128-59.us-west-2.compute.amazonaws.com

February 24, 2016

52.27.128.56

ec2-52-27-128-56.us-west-2.compute.amazonaws.com

February 24, 2016

52.27.128.62

ec2-52-27-128-62.us-west-2.compute.amazonaws.com

February 24, 2016

54.68.13.248

ec2-54-68-13-248.us-west-2.compute.amazonaws.com

May 5, 2015

54.200.195.191

ec2-54-200-195-191.us-west-2.compute.amazonaws.com

May 5, 2015

54.213.72.9

ec2-54-213-72-9.us-west-2.compute.amazonaws.com

May 5, 2015

File downloads found at URLs served by mybluegames.net.

1 / 68 (Malware)

http://mybluegames.net/hp/?q=uaDKe3jgAauHOCDWYSJTH3PZY/S3OSsHnOtXeR8nBHBNs EVX4pwn XrW93CJktrwVmagdc//H6jf0wWTOkXcHDgBNnurrKbS0Z36EvUSMpMuQh6/p2car42/R2w71FJUHUzoaoCzkoBPh5WaURrWMt1unJwXuLhT7TAvjJwXHsxm PcSmRHL3V9kGPypFX/PT/c4NhOI90PkJCiBGGD69fDHLj5gCa0YXGhnTcVPohnN9cm3qHQUAa5Qclfeuyxb34Z63EsjTZkXbdRI5Hpbm27jRDrOgqPynK8qQSv8jWlkOIbCuEBCOPSzYPUh91511yiiJ3ZDvnu/vjrjyU9850R5TOgmiUFTBNEh92cgx7wL7nP4/.../dN2 yM&external_id=1423707697716461106 (football manager 2015 keygen.exe)

1 / 68 (Malware)

http://mybluegames.net/hp/?q=G43ZVWq3LK21rwysurhPESCjXnHR6Vvo9w5qlyJk0FNdzzTi9 2WLFgjMjvHbcYtgnj MFwnBwVA8Y25kkMbaicIBa4AwMFNxQ0dpw T/ZIPMnNmVUrLtt3typeqtOMKqQn1ELGLv6rmjhCKS/rl ogqbcjIUB/enu2/.../ie8EkSDZaRk091pDLrDgwyXbUeYYM26Do7IaQqirEkthgHcFYDWV54icVdjBtr1i1NNlJBgti2IpCPjS9mPJZ8EbYnwrkngirir6qTyXFyFYN&external_id=1423671337274593113 (qraan.exe)

1 / 68 (Malware)

http://mybluegames.net/hp/?q=Fjg8/vzl/.../kZgxjIAOFg5147j072LThZT3D8EjSzhtWnPljjdhfIriKpy19MPg26VvjfP65sppGGDm9CAc49QN7I MxIVxItZDdKNVBXlqYYBAasxjnN6RJaSnsDpdx393SJCtmJdngcieILU46ZGbfUsV 4szZyHkivJDtAVBJY3SCquLOIHFB73qXlgrqdOSDdWHXNyUC7vzI4zBg0NjsrnbYk7U9tfBwy9dk9bjr6 nw6IQ5VuSuAp5zlnMWpau2qFbb3xCZKuKQ&external_id=1423658911675768640 (stardoll hack tool.exe)

1 / 68 (Malware)

http://mybluegames.net/hp/?q=IYmfzOVKrd5GVNPRJLt24Gk7wYWlTZ8nVYDoQU I2oDDsYyIt9wmpBCghohYyOlDWnG57/IdRrTJhxb2nbHCGUFsf9A2EGth0GLg4DLxBoEpolqHY2DmRlBnHeahDrzKSN8HcH6cSPlnjZ4VUWb2Zy1TePLmxJRg QzZLzowJ2cWVjcqdh260hhdN9k8KWssLjhrgcmX88xpvecYIiH1sIcnnBY/ oH289AYDXoKi4b9xXoRaWMbvPnxnKrwdCQWrKvQoJb3uKk6ix4aMzzemQ1WW/gn117e4Jwv7pcljfxZuRIjtw6JidbsbnyXBMqj4GLwirJZri62aOkmO12YJE34v 9qHz3IuAw44yzwDq9HluJhFWd07AEPSFAIzSwJ2URCZ5d2Ay93otyzDYY8sVNYimmQNMo8XOjyNF51nItss9t6Tv0F8oeSE0O88UUrDK08UKXxeKxdPGKls2y q/UbV3W2wfoDWKDP72t5yR2uC McIB/K OVvQU8awEfVQBn8ii51zjCqTcu4M5VeqVF60zkoANPVp5H1ANkZRX/rpf9qlQho9DkkAMNG4FNeOIJ6mVE57eJk8Iceb2smjtNVxMzrmwIwODfSib5DzXw4PbOU8zShX3ax/j0711IjcxDDX8DdjiNT9OSg1nY/Ccsy4nkp48RCPac89iBoucuiPmm0qTsZoDVHxiitFs1SzCOLBi40FU13tQ48OvFdll7SSut5zI5gptUuhn9HhdJV8AjylzghGII2KD87a100Iq84LWIvuQ0TVSKmTftjX42cGUtZ3G43HjqU8GB/dcyGnxIPehnd2/ANLrmIspJNbXdVCmj3hlRmZ5nIPRdwcwL0KicLO3WOG kPWOMU7RWl55eHdJrw/.../1QN7Tb k4RCSvLG8EzY9cKx5OWmF12JMz5YxKzBIQF6sOXpqJmsh wN3n (hawaizaada full movie,hawaizaada movie online,hawaizaada watch online movie,biog.exe)

1 / 68 (Malware)

http://mybluegames.net/hp/?q=SIAObyTJUlqujvqomj3NL6rGEFvPEl8Kyvbp5grVuq0RXQBIxRJAtr7ZiD6cKYBI9dnlnHZOR3oILZxCK7XphVdSW3dsDjrDg0pmR4kHSsow0aietwR9ESE5zhSj2NmuBHZsglb6EG2AA9PMleGttAz/cXKgtSnTxAjr/p2NN675tqEbEG146JzgaI7QsOZPR dA57xQ mF2cZRM5RpQxj1W9RhUPKOhAceD/BndrJK4rZ1Jn WLhqoIozXHQburqP7cmjylBKd2M9 VDcbAB9ND8e52Doy3JEfGXpbhRkQcM/.../RlOa&external_id=1423672510415233081 (doom 3 game.exe)

1 / 68 (Malware)

http://mybluegames.net/hp/?q=tIKoj7TREE5ZgQIKEGrmgl4FoNa0/GqMSaLNNXmIhyFj2c3gnHxpwS8VDxsT4WJZsniBF2cgm5nMK720CTG3CxY1D5WRBNxNygHRSaJwqf9dnfm9NrTm/Hpws0LZyREvg0h6eKyNELUFewL GSn13ymhvU1CSuwWjEAW1PcBxeC1I0y VjTqnXJy6VAKLmyTEBKKdy1MJ JuRt1BcxLTy0l8lsM2Pr4woesS7Cz/J /OxkSDRI71Zh6CfZ/uAUqzI5ThpMl9jw9HS0ThoNz283XuTauYjMlBb5CFHCrS0E4NKB8LlJ/m0EnA1HIf3xb4aiBwxI0BXcsyP5qE3PP7u5qGHKyTgrR9L1xZcz5RODX Q8Urjp8yZ7dVe8UqFRMmug9uwPfWyZIbEyMmq/OAouYjLuWkVNKejvgje2 DKYRD/.../kz61xgGYrS8LwvrBiaDBkfx9CmS AaUp&external_id=1423653175777885362 (download.exe)

1 / 68 (Adware)

http://mybluegames.net/hp/?q=Ge3ZVDwmQSXDOfABCDNAZJRkLar EsYzyXZ0wuBsvFo7kg04TzmXE8jBRUXHRNvouAU2NsM03b32BU14yrwUnVp43Y7q2XLVAk/kjIGrQgZuOnfd3c8aM0y9Nbof9eLPpb8mXIwInFHES7TZT6rcy39jdzjmngJwyoweUW4YPXCvZ0flObdM5zm/.../CivWyDx16cz0PV0A5Qu3SuOvIO9jT7eqpjY8LcgbFHFXne48kSIZYphEsiivBKyill9Yu2bf&external_id=1423687219962009729 (download.exe)

1 / 68 (Adware)

http://mybluegames.net/hp/?q=OpfMQGcBdmNmMOQIKEu3qo7qoNNMAkAcSauKSVKfgRcf3o3goMlBZtBWOWu30WJSCR0vF2cb20PUx7C/EKe79zVMeJXJOx1jTWn8cA/.../mkEg1IALpqckex F7HirnQL95NdO8LlHwgOfea1R Duw&external_id=1423686916368733601 (download.exe)

1 / 68 (Malware)

http://mybluegames.net/hp/?q= sjAtEgAxqCI123456Y86E9NsfmO9VOq4d25VGLiwFNB6bx7L7G8VbcTmX9tRp94ZX116GPu7J6Wkyfc712aP8FMhkR9P10iL5pkoElxVIGPvDOfAhltwiplGztMEb1Jk EjFpe7Oa1/OEeOzC bM2260dz0Yhr9GcaDOKtBIu2thE3eOah2GwH0gxk1/zaLiOjR0kv/BtCIn2IaE2ieTb6P2R2E3oKWm/pnNq3LooePUGK3W0QCfk6w3rlns9zO433pAiePrXpHESoC2q1ML4tutvz 7eB flU5qLbBALWYgy66gy5FenMw/LoS6Q8ydmDUnwMqVb1GNrTIuXu4KQxHycuXAIgiLZpS0v6EA0wJXHd8Y4avzCpj8aEOkgMGQybwBPlowNMOGs8DfkMX6fdgSSvcnneOH99tV7w0tzHMHIyK31Z8qQ0wV5sGaEGBbolte/xiv9TaQb1GCCcQeWqGG/wFhH5kMUyTLm8xnHFk NLpxu6c2hdvaNYZUuQ2WtOf6csxgPNUzFxh2okAdcQHOpqoN3jovwHLimdMIMw4A16JJ3rGcxRz9u0nsZElMSx 6wzDENJd8b060ocRhjw0cSRWfanNerd7ZhxMPCfq1oDfnY7ICM8vC55RJ3b2392giJJ3d6J32LJaQLchStGHHLEVZyvJYed8oHpp/mpE5vqYDZra/hDizudNnniaT63NQd/kzXHJ8BeUoQMK3IXIDkAb4Szw/p/vLsD41tiQxJNvF2D/e/OfDcXGTr9tP0p1o2HR1cjvfWySSug34q7Ahy74dhPXDqbziBMC9cpn2xg3jaNYXQhff3cdsJx hGYJUXJAX9ee5ykx1msxwRPftbr0VyZCLceCjgrHTVfcK3yRkKKJSxgSi2if/WkgpprLdh9oRQxYvINSeWrXpi/MU//CaF/4p7ePm7UQ/juyJt0QYZrjA1/.../ayWdCBb0DXlj (pirlo tv, pirlotv, pirlo tv online, pirlotves, pirlo, pirlo tv canal, pirlo tv p.exe)

1 / 68 (Malware)

http://mybluegames.net/hp/?q=t509Xj7SgC88tvqomj3NwNEEp8HmXxMqHuf6l/Aj nmZn0 IIS63RL1RjMpGmFWiTclZ1YweXJJMoRf sZSbTPlBflqRDP5i/HGQLyfbeR3o5sDknFUN3aIlKlqxM3ebJ4meOuZano5YLp8coXqN9dutJESh 3FN2m/.../Xz guoG8W4sYojlp9xKDqY9dCXnPEkFH0z zF8X4329XEZywYB fnS3kHb2TvpvJWzDgPfgipPppMK9&external_id=1423729420345571505 (download.exe)

1 / 68 (Adware)

http://mybluegames.net/hp/?q=yEi6sIwrmQlO0XZTVNGr VLxSCjIuACnK Ukd2EIpXnllz71jpaqbL3mFLpBntUVovegrYyigb4wPmC6Jx8EiCGux9NkpD35Qb0Tt4/60vAQAKIq0sPDpsH/swXdkiPtAGcXVLoXQII1rzBPA0CzGUi gIBiu2RaeQ18aJK7hrwy0ATsYuc1N3jHNC0qZM1wkskjKfEVCv8UDHWPTLP2i43U2MPFfqosPSDdb73VHlvUFlnQ3msaA5RFOKzPDfkdHH8x4y/ xAYsuxhDO aYDV hSG4eRH2AwvqPNJe9Nqjp5mjg93c 1VK36yXAijFMiwHXuGTu7mvFqx4MnHK5MRt2lUFPXlk6lsuTDIYinQGOGUilA/.../K4oGJFN3utZ52w3xUe9snuaZF5w5yjPt0sA0RJONcbHyZCGKzEwCl5DWwmHepM2ZNqzmetctKVT7Z6Ht80bhAVjcfpsANwNP mYhzDu7JBQvANFo7YCeP8KvHLYXOriq8Dx&external_id=1423688165422991006 (free download talking tom cat for computer or pc.exe)

20 / 68 (PUP)

http://mybluegames.net/hp/?q=E9CIdhOyEQThQIKEG plhC0m9XQ0m/uTfDHMbPiKHT4hAKDjS5GHwSb8Xv6n4ZDoxQNBRZx0jATmKW1edLu32234CIdL89KOFt51T1GrD9eC/d eHG1mGSH9Oo/FdlWgzjzodmKyAnojQbYs1 e4TXv1eiE0JIA/.../V3u28ZfjJZNVNfqiInFxvUpJ3LksSgKWZ YD8HFaAJHF8B3GuG3f&external_id=1423721814778261153 (download.exe)

18 / 68 (PUP)

http://mybluegames.net/hp/?q=AGy0Jru1KQFnQIKEG pg9bxY1m2aYYdt1a3x1v/0NkPx57zDEGEHWWu1vqVRfuRGrpL5o7W8PCV64RJeJpa/pr8ihh/MAMP6uFp7gT2SSfwZVo9b0q04O4KKTfJxxWC45w8xhQNpnsIfZhtEg3n8O37N2EiGrde7geQc4wgfH1jrT KT/iLn9KKVIHY2vkxdvTQymNPdYgCSrSVzvsy6hxnCkiYyeuQ3Ny6JJfaBzOAfFiDcHktsuKFjdknUhpWgejv9Gd8ErZXnCmte74Kc7PfbXmAKvdO7DbXLZGxZd9bZD0l2ILevbRieOgNbubaI8JdEFIXW4gkpMv8aLqfwyZr0TxwKYsJM6hXlFjTG/.../jLxeVvcx8czdVtpPkgRjWJjAI3xPq1dLPc5lmSr&external_id=1423654548932350003 ({title limit=.exe)

19 / 68 (PUP)

http://mybluegames.net/hp/?q=cBcYUBNQHTKHdysurpaJQpDydJZXxXoIyH7uEi wIlz0rUln guj3FxK86HjyPJeq/ ge0gaGXu3CmBMIFMquXI7 CTrGDJEK6KZKxv0jNrF PNoM4wdcDcZEityNZMRPqN dx gv/v7kJzul33MTT9yTQ2x/OEkRzPe4XO7/eMu9FLpfRZurZLp9a51j4oX0VO8ZcP3daY2xlDWBqfmxMPdZGQGhkJTXpAUhWvq73hdwHBxjkR5WEAQS/pHvilKt1HMZVeNepYyZFM9r2nwFNVWQMQDOZ5J6u5Kfvg6Pg3ZsUBJwTiGFfj1lDdYNg0ovIza1H YWhMgrR34VJdPYOXVzX2Z7rEitvblVcQwduU9O/xLt1j E8uYuZwoUpjcEtZVynyij07lwCI5RoSFSjQURhkislPQDJ I MqigheCpiA5CPoOqr6q2ZVNrkEGG0ECPqlkesJZ9VqOubcfLq0P/.../XGbP8GvPhafd1iW&external_id=1423661658756503113 (elcomsoft_wireless_security_audito_professional_edition_onhax.ms.exe)

19 / 68 (PUP)

http://mybluegames.net/hp/?q=YYKojBMPbQUeZdefABTX8wOcxtJZGaWk3k 49ADFnZjVEJmC U4Rzt14/BfdK9EyLcwzOCP yrKBLnmu8ZZ3xqEcvlkOkl1p2dVSb 1zYFB4Pkc8mW0MhuZ15e0pQorbV9lzKTyl9bcaZX0c7bU0MyBmVZFovUWIPUXfHvYzxXDFJ/.../lRU6ZREdb5i5f3&external_id=1423661693091438418 (ewsa.exe)

22 / 68 (Adware)

http://mybluegames.net/hp/.../GJw59UfgXtv FiEa7vUYVCkc b9kOC7pZDpYTDgRZxaYcbwfWb5GGXs223dGKiAw9V IdBoiRMkavvAv94LlPd9HGC3D6yUb0Uz12rkEolvhrSrBiZQU56fJRYBQNWFpMjHiyAEcyEjPTqZ 1o7jmDf6Y0mBMOITSwosJzbko2G8fMKVQn4VcG9neoRJZoN6hLVYjs9Z0LT2RimRf9xB3pYHD6nfINXlkH0wEKs&external_id=1423690493389668510 (download.exe)

23 / 68 (PUP)

http://mybluegames.net/hp/?q=vPDKedg0x5RbMOQIKEuco8L4Oahjq9DqdSebRf VNq1t0jS9zQqxFQZwWK4jfeg3/ Dwimrca7ISjry4LHFVGLt2QkzYGsTpNc2Fq8QQ8f8npbbLzyn85Eb2X4knXleDtraukJFeen2suWLSeV7B09jrX4lwXADpoeNiID1LPKcXm4ipnO2ZUn7KsE4DW9RNpSkl/rB0iiZf8YeJ 262PcKb9hVWPzeI2bagMS1Mld6X6FjGBDKRra7/CVz7QPYswXlQv71UtJL4CSrWqMd2I2NjGYcUWct5k/SDfXQI2lQ8/.../3&external_id=1423674106631276218 (shake it off.exe)

22 / 68 (PUP)

23 / 68 (PUP)

http://mybluegames.net/hp/?q=kgaDY0QzRoinNg0123C2gene7Eeuw1gmMBQSGuXGOVb2X4kpKXUR4v0B CZUHtbgfFR h/WyD8yklAxSaAQXFkq9X7KbqpFs NXGZ5k/bnWFn06XdmAijQu5V8LnKLuAf9HGQ/yY/lPkeKzCyxKxT90QcD X7z7fdD15xPx2eY26yZo5OnOIX78ljrk8JJx03rEKelPET8mq9z19QbmG2VrkrVdDokaeosqqvHNtL8ke0Otyr5XJg4KPc3sBhqCAnkYA pqgz1bQ/fXl3O1qx/.../LIjqWYoBKoi8QsOhUHshKjp1ZEDe6V3EzB2uSoDcbZAN7NdeQtLHAYCwHIoeNz42ZRVOVN6VW1Qq0Vbafsy6esT55EeozLb6dh9ZNQjGmSYEQ&external_id=1423656243580835543 (dragon age_ inquisition patch.exe)

The following 6 files have been seen to comunicate with mybluegames.net in live environments.

TCP » 52.27.128.56:80

updating.exe

TCP » 52.27.128.59:80

download.exe

TCP » 52.27.128.62:80

updating.exe

TCP » 54.213.72.9:80

setup installer.exe (Win by Microsoft)

TCP » 54.213.72.9:80

tmp5600.tmp

TCP » 54.213.72.9:80

tmp61f7.tmp

TCP » 54.68.13.248:80

tmp781a.tmp

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.