» xgamesplease.com
Overview
Analysis
IPs Addresses (1)
Downloads (3)
Related Domains (1)

xgamesplease.com

Danilo Martins

Domain Information

The domain xgamesplease.com registered by Danilo Martins was initially registered in September of 2014 through DIGIRATI INFORMATICA SERVICOS E TELECOMUNICACOES LTDA DBA HOSTNET.COM. Currently this domain has been known to host various forms of malware. The hosted servers are located in Sao Paulo, Sao Paulo within Brazil which resides on the Latin American and Caribbean IP address Regional Registry network.

Registrant:

Danilo Martins

Registrar:

DIGIRATI INFORMATICA SERVICOS E TELECOMUNICACOES LTDA DBA HOSTNET.COM

Server location:

Sao Paulo, Brazil (BR)

Create date:

Tuesday, September 23, 2014

Expires date:

Friday, September 23, 2016

Updated date:

Monday, January 25, 2016

ASN:

AS7162 Universo Online S.A.,BR

Whois:

2 xgamesplease.com records

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

MicroWorld eScan

Trojan.GenericKD.1907660, Trojan.GenericKD.1909798, Trojan.GenericKD.1911409

100.00%

Kaspersky

Trojan-Banker.Win32.Banbra, Trojan-Dropper.Win32.Agent

100.00%

Bitdefender

Trojan.GenericKD.1907660, Trojan.GenericKD.1909798, Trojan.GenericKD.1911409

100.00%

Lavasoft Ad-Aware

Trojan.GenericKD.1907660, Trojan.GenericKD.1909798, Trojan.GenericKD.1911409

100.00%

Emsisoft Anti-Malware

Trojan.GenericKD.1907660, Trojan.GenericKD.1909798, Trojan.GenericKD.1911409

100.00%

F-Secure

Trojan.GenericKD.1907660, Trojan.GenericKD.1909798, Trojan.GenericKD.1911409

100.00%

G Data

Trojan.GenericKD.1907660, Trojan.GenericKD.1909798, Trojan.GenericKD.1911409

100.00%

Baidu Antivirus

Trojan.Win32.Banker, Trojan.Win32.Dropper

100.00%

Panda Antivirus

Trj/Chgt.H

66.67%

nProtect

Trojan.GenericKD.1909798, Trojan.GenericKD.1911409

66.67%

McAfee

RDN/PWS-Banker!dl, Artemis!CB4D4164B499

66.67%

Trend Micro House Call

TROJ_GEN.R00JH07JA14, TROJ_GEN.R047H09JT14

66.67%

avast!

Win32:Malware-gen

66.67%

Avira AntiVirus

TR/Rogue.521728.4, TR/Rogue.521728.5

66.67%

AhnLab V3 Security

Trojan/Win32.Banbra

66.67%

The domain xgamesplease.com has been seen to resolve to the following IP address.

200-98-151-45.clouduol.com.br

October 20, 2014

File downloads found at URLs served by xgamesplease.com.

28 / 68 (Malware)

http://xgamesplease.com/.../?flashplayer (install_flashplayer15x32_mssa_aaa_aih.exe)

22 / 68 (Malware)

http://xgamesplease.com/.../?flashplayer (atualizar_flash_player.exe)

9 / 68 (Malware)

http://xgamesplease.com/.../?flashplayer (install_flashplayer15x32_mssa_aaa_aih.exe)

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.