» www.klumag.net
Overview
Analysis
IPs Addresses (6)
Downloads (193)
Network (228)
Website Detail

www.klumag.net

WHOISGUARD, INC. (Proxy Registrant)

Domain Information

The domain www.klumag.net is registered by proxy through ENOM, INC. and was originally registered in June of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the OVH Hosting, Inc. network.

Registrant:

WHOISGUARD, INC.

Registrar:

ENOM, INC.

Server location:

Quebec, Canada (CA)

Create date:

Wednesday, June 4, 2014

Expires date:

Thursday, June 4, 2015

Updated date:

Wednesday, June 4, 2014

ASN:

AS16276 OVH OVH SAS,FR

Root domain:

klumag.net

Whois:

1 klumag.net record

Scanner detections:

Detections (98% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.BR Software.BRSOFTWA (M), PUP.BR Software (M), PUP.Midia Technologies (M)

98.00%

avast!

Win32:Adware-BJA [PUP]

2.00%

The domain www.klumag.net has been seen to resolve to the following 6 IP addresses.

103.224.182.241

lb-182-241.above.com

September 17, 2016

54.72.9.51

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com

June 3, 2016

185.53.177.8

May 30, 2016

185.53.177.12

May 27, 2016

192.99.4.18

onlinemidia.com

July 10, 2014

192.95.8.55

June 21, 2014

File downloads found at URLs served by www.klumag.net.

1 / 68 (Adware)

http://www.klumag.net/ids/.../Destruction Derby: Arenas – PS2.exe (destruction derby- arenas ps2.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Vigilante 8 – PS1.exe (vigilante 8 ps1.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/id51/.../CD_Daniel_–_Meu_Reino_Encantado.exe (cd_daniel__meu_reino_encantado.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../getFile?lnk=Rmxhc2hQbGF5ZXJ8aHR0cDovL2dldC5hZG9iZS5jb20vYnIvZmxhc2hwbGF5ZXIv&dec=1 (flashplayer.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ – Anticristo.exe (36e562fcaa0ab4f06f24bd096b543663)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ Filme AntiCristo – Dublado.exe (filme anticristo dublado.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/id55/.../Iniciar-Download.exe (eed2f6a5c5c9e532d562580becdd72ff)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Roubo Nas Alturas Dublado AVI DVDRip.exe (1240c6fd719bfc0165a2ca4d64ae37ba)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Todo Mundo Quase Morto Dublado AVI DVDRip.exe (2d84576014f0f8e4e65f88716cea6f3c)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Sandrinha E A Garotada Vol 3 voz E Play Back .exe (sandrinha e a garotada vol 3 voz e play back.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Turma Do Barulho Vol 3.exe (turma do barulho vol 3.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Turma Do Barulho Vol. 10.zip (turma do barulho vol. 10.zip.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../baixar?lnk=QmFpeGFyIEZpbG1lIFNlbSBFc2NhbGFzICBEdWJsYWRvfGh0dHA6Ly91cGxvYWRlZC5uZXQvZmlsZS81dGZwYWIwdg== (baixar filme sem escalas dublado.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Download Sem Escalas Dublado Online.zip (download sem escalas dublado online.zip.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Baixe Ativador Office 2013 Definitivo.exe (7320e14bb035eb6f75322991564b5ab4)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ Quarentena.exe (77c2ce488feb855d8780664fc900b2dc)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Quarentena Dublado Bluray 720p 2009 .exe (quarentena dublado bluray 720p 2009.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Download â€“ PC: Age of Empires III 3 (Completo).zip (download pc- age of empires iii 3 (completo).zip.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../As Aventuras de Peabody e Sherman – Dublado.exe (as aventuras de peabody e sherman dublado.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ – Carol Muniz : Sexy Julho 2014.exe ({blocked}.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ Filme Freddy Vs Jason – DualAudio.exe (filme freddy vs jason dualaudio.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Download Deep Freeze Enterprise Ativacao.exe (download deep freeze enterprise ativacao.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../X-men: Dias De Um Futuro Esquecido Legendado.exe (x-men- dias de um futuro esquecido legendado.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Need for Speed The Run â€“ Nintendo 3DS.exe (need for speed the run nintendo 3ds.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/id156/.../ Parana.exe (9ce4dd02c17519f9d6f69b091e266961)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Grand Theft Auto: San Andreas – PC.exe (grand theft auto- san andreas pc.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ Frozen Uma Aventura Congelante.exe (a58c6b9ccd09af5d4c92b68359aa3888)

1 / 68 (Adware)

http://www.klumag.net/ids/.../Branca de Neve e os Sete Anões Dublado AVI DVDRip.exe (branca de neve e os sete anes dublado avi dvdrip.exe)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ – Encore v5.0.1.exe (77b6a66cc47f26b2536df4d82b95ab94)

1 / 68 (Adware)

http://www.klumag.net/ids/.../ Dvd Cesar Menotti E Fabiano Ao Vivo No Morro Da Urca.exe (dvd cesar menotti e fabiano ao vivo no morro da urca.exe)

Latest 30 of 193 download URLs

The following 228 files have been seen to comunicate with www.klumag.net in live environments.

TCP » 54.72.9.51:80

toolbarupdaterservice.exe

TCP » 54.72.9.51:80

hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80

onedrvup.exe

TCP » 54.72.9.51:80

hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80

247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.51:80

1799877.exe

TCP » 54.72.9.51:80

IEError.exe (IEError)

TCP » 54.72.9.51:80

install_flashplayer14x32_x64md_aaa_aih.exe (bon joueur)

TCP » 54.72.9.51:80

optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.51:80

charles.exe (by Apple)

TCP » 54.72.9.51:80

onedrv.exe

TCP » 54.72.9.51:80

IEError.exe (IEError)

TCP » 54.72.9.51:80

updater27793.exe (CouponDropDown Plugin by Innovative Apps)

TCP » 54.72.9.51:80

install_flashplayer16x33_masp_aaa_aih.exe (by Apple)

TCP » 54.72.9.51:80

toolbarupdaterservice.exe

TCP » 54.72.9.51:80

hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80

g.jpg

TCP » 54.72.9.51:80

smlb.jpg

TCP » 54.72.9.51:80

smlb.jpg

TCP » 54.72.9.51:80

hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

Latest 20 of 234 files

URL:

http://www.klumag.net/

Web server:

nginx/1.0.15

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.