home

ongame.vn

Domain Information

Server location:
Dak Lak, Vietnam (VN)

ASN:
AS7643 VNPT-AS-VN Vietnam Posts and Telecommunications (VNPT),VN

Scanner detections:
Malware distribution  (53% detected)

Scan engine
Details
Detections

avast!
Win32:Sality, Win32:SaliCode
90.91%

F-Prot
W32/Virut.AI!Generic, W32/Sality.gen2, W32/Sality.E.gen
90.91%

ESET NOD32
Win32/Sality.NBA virus
90.91%

Dr.Web
Win32.Sector.30, Win32.Sector.22
81.82%

Microsoft Security Essentials
Threat.Undefined
81.82%

Emsisoft Anti-Malware
Win32.Sality
81.82%

McAfee
Virus.W32/Sality.gen.z
81.82%

Kaspersky
Virus.Win32.Sality, UDS:DangerousObject.Multi.Generic
72.73%

Norman
Win32.Sality.3
54.55%

VIPRE Antivirus
Threat.4721115
45.45%

AVG
Win32/Sality
45.45%

Sophos
Virus 'Mal/Sality-D'
27.27%

Trend Micro House Call
Suspicious_GEN.F47V0202
9.09%

The domain ongame.vn has been seen to resolve to the following IP address.

222.255.38.174
static.vdc.vn
December 28, 2013

File downloads found at URLs served by ongame.vn.

0 / 68
http://ongame.vn/.../OngameStartHelper.exe  (bd596ca63edbb907fd8c1c90de8308bb)

0 / 68
http://ongame.vn/GAMEDOWNLOAD/.../holla.exe  (71bca3d52d94b0c920817c76617b1b1f)

9 / 68      (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (93e21052507b887e8d96953ced68e5e0)

9 / 68      (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (a31dcaafb54868a284f089191a015a37)

0 / 68
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (fa412491552f54c9cdde6710232621e5)

9 / 68      (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (9be68039a5a7f461ceb6c73161c0a2fd)

2 / 68      (inconclusive)
http://ongame.vn/Unity3D/.../Ongame_Launcher.exe  (1bf944f90c048226a4f12978ed9a5e48)

12 / 68    (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (d5298fa87308fe9b4ef0dd276f33f8df)

12 / 68    (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (df6d352e03dd6832831c3ed85a9e4c5d)

9 / 68      (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (5e248e26611f232c0b87f03cd5f286f7)

12 / 68    (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (756ddbb24fbbbf10afb8556e2089024f)

10 / 68    (Malware)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (421265089e1ee97a42ee51ad1206a4d5)

8 / 68      (Infected)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (e0534f0b838cd0a1d2e6d7e09a94bfea)

2 / 68      (inconclusive)
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (6491f9e8b907e213d3d80b24eefbc624)

0 / 68
http://ongame.vn/Unity3D/.../Ongame_StarterInstall.exe  (c98c0906543e88bec15be0a51e8c3cd4)

0 / 68
http://ongame.vn/.../OngameStartHelper.exe  (de2a9c0d234471be3138a35f1fa4c3b9)

0 / 68
http://ongame.vn/.../OngameStartHelper.exe  (7d6518ae1901a69bc5a01ad63995ef48)

The following 2 files have been seen to comunicate with ongame.vn in live environments.

TCP » 222.255.38.174:80
csess.exe

TCP » 222.255.38.174:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

February 22, 2016
download.ongame.vn

March 2, 2016
fb.ongame.vn

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.