home

b.mysticed.xyz

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
mysticed.xyz

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP
100.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.MPlug.38
28.57%

Lavasoft Ad-Aware
Gen:Variant.Adware.MPlug.38
28.57%

avast!
Win32:MultiPlug-ZD [PUP]
28.57%

Avira AntiVirus
TR/Crypt.XPACK.Gen
28.57%

AVG
Adware Generic6.AKZC, Adware Generic6.AKYO
28.57%

Sophos
PUA 'MultiPlug' (of type Adware)
28.57%

MicroWorld eScan
Gen:Variant.Adware.MPlug.38
28.57%

K7 AntiVirus
Unwanted-Program
28.57%

Bitdefender
Gen:Variant.Adware.MPlug.38
28.57%

F-Secure
Gen:Variant.Adware.MPlug
28.57%

F-Prot
W32/S-d27945fd, W32/S-2ece0b92
28.57%

G Data
Gen:Variant.Adware.MPlug.38
28.57%

AhnLab V3 Security
PUP/Win32.MultiPlug
28.57%

McAfee
MultiPlug-FWG, Program.MultiPlug-FWG
28.57%

The domain b.mysticed.xyz has been seen to resolve to the following 6 IP addresses.

31.170.178.179
June 7, 2016

185.28.193.192
192.193.28.185.gransy.com
June 7, 2016

52.26.142.209
ec2-52-26-142-209.us-west-2.compute.amazonaws.com
July 1, 2015

52.11.167.137
ec2-52-11-167-137.us-west-2.compute.amazonaws.com
July 1, 2015

54.69.228.231
ec2-54-69-228-231.us-west-2.compute.amazonaws.com
May 6, 2015

54.149.241.47
ec2-54-149-241-47.us-west-2.compute.amazonaws.com
May 6, 2015

File downloads found at URLs served by b.mysticed.xyz.

1 / 68      (Malware)
http://b.mysticed.xyz/v31161?self_redirect=0&product_name=sorriso.rar&file size=&product_title=sorriso.rar&installer_file_name=sorriso.rar&product_file_name=sorriso.rar&product_download_url=http://fra-7m17-stor09.uploaded.net/.../aba1ad0f-c6f8-4aee-a5cb-0ac9f5d2f5cf  (sorriso.rar.exe)

1 / 68      (Malware)
http://b.mysticed.xyz/v31161?self_redirect=0&product_name=MarceloCamelo-VvTSPedro.13.GG.BaixandoFacil.com.rar&file size=&product_title=MarceloCamelo-VvTSPedro.13.GG.BaixandoFacil.com.rar&installer_file_name=MarceloCamelo-VvTSPedro.13.GG.BaixandoFacil.com.rar&product_file_name=MarceloCamelo-VvTSPedro.13.GG.BaixandoFacil.com.rar&product_download_url=http://am4-r1f4-stor08.uploaded.net/.../d6ddb228-ead9-43b1-be7b-e0b1456c186f  (marcelocamelo-vvtspedro.13.gg.baixandofacil.com.rar.exe)

1 / 68      (Malware)
http://b.mysticed.xyz/hp/?q=md/L55eBfnSoiMOQIKsaasQUfM1x/VEV9rdZPISHBnOPq/VW4zTfDwLMx7LLqCCToOndrA919F1GptZ8oNKPMb MwnJ3bKPs8C0AjxICdp4zNG9wuEA2Q2iLjiGP5BQh7ZI/hlff8ImtBpSSFSxFKGwX0RMiF4ShzCEfQYSFCfEhtg /LfsZr 07x /mmEtaTdjYohh nVQO/8lvt4SNfGUBLwC9BW54ncKZNzXg/MPYOKBZXlx5xJuYO5QUYf6vrVEVYek12OHpOnNAg3vywzTB4WwGQYpdoRaIIgx4Wdt9kBjXBG8lHBrsl9pcYFvI7sbzGAIHASPvDBYK4Ei4orIZUHpxq9ZCf49WlZE7ngcAgLHdNIC2p1dLx92zt7y2hEonNK4SZh5tRXFkmRwV9bHYcI9q5YrEUYYOKibB0sUWlSUrtsTTxPsvPsODvpjHVIADIFGg9skfTe15V 8Z4mki3MvVpcnHzXrwdH3TwFQUwFqDLtsiAUso3RdrZ0eI6VS/Y1spGaHGXEJye8rVc4M fPjt5TZz7VMDnJzjZdYNItOy5UgIgXTFVcq68CPRa3/pD/bZN1Wj3zglsZLNAYlOJNYaD55qEHnx7XYuBLhMGuK7kju8V10KdfhN9HW2V8sn/ 7fU8/.../eQd13vH&external_id=1430155512902024751&uuid=wGkVtUIqZESdbyz895267mSdivt2oiDY36IkoSH2KfX6xw5aY2BALW1BhV5dwIQ6mkxW38VBgsI0V5Q7joBWfwMfnnhNk7ohVfQOsZ5093IM9vXk6EpKdA3LP402RPRlwXQ1s0L96XJ5L5SQPQz1ZO0tc1k6DgtC2AXYZMbRukeTxGGFOnAQWENUkYQayanEsSITs5dVDtXX1lWvAuUwIkSIr4EjWjJlMjrZawhkFRju3Vl7EnJJeMW1NJfX9WDBwGOAY1qHYRZalQBSV1  (sketch guru for pc.exe)

1 / 68      (Malware)
http://b.mysticed.xyz/hp/?q=md/L55eBfnSoiMOQIKsaasQUfM1x/VEV9rdZPISHBnOPq/VW4zTfDwLMx7LLqCCToOndrA919F1GptZ8oNKPMb MwnJ3bKPs8C0AjxICdp4zNG9wuEA2Q2iLjiGP5BQh7ZI/hlff8ImtBpSSFSxFKGwX0RMiF4ShzCEfQYSFCfEhtg /LfsZr 07x /mmEtaTdjYohh nVQO/8lvt4SNfGUBLwC9BW54ncKZNzXg/MPYOKBZXlx5xJuYO5QUYf6vrVEVYek12OHpOnNAg3vywzTB4WwGQYpdoRaIIgx4Wdt9kBjXBG8lHBrsl9pcYFvI7sbzGAIHASPvDBYK4Ei4orIZUHpxq9ZCf49WlZE7ngcAgLHdNIC2p1dLx92zt7y2hEonNK4SZh5tRXFkmRwV9bHYcI9q5YrEUYYOKibB0sUWlSUrtsTTxPsvPsODvpjHVIADIFGg9skfTe15V 8Z4mki3MvVpcnHzXrwdH3TwFQUwFqDLtsiAUso3RdrZ0eI6VS/Y1spGaHGXEJye8rVc4M fPjt5TZz7VMDnJzjZdYNItOy5UgIgXTFVcq68CPRa3/pD/bZN1Wj3zglsZLNAYlOJNYaD55qEHnx7XYuBLhMGuK7kju8V10KdfhN9HW2V8sn/ 7fU8/.../eQd13vH&external_id=1430155512902024751&uuid=dp3FXkVk3wnOp3FzBWlas3KzjcGpAQm4wthFs7zZ65HBXrdQ7DD26HWGf3qINoySo80nCQm4xpGVxuVVFU4uo1VS88WObMGslE4DyudD5AVRYcT39HsoE9LBzwxAH3Jw05T7d1b7jCSWfeGp2xL1t5AKQ4ltjNyVRCWuk1PqlkhoZc7zjqMGJ3bX6yfNivQkgnemJeaR5AVklmdnoqTp3KHoph7TVXk4fnHuuaDHgH91nJHLnD9LxkUd4fH2r81QixJzkC7KNyZnZvsNqG  (sketch guru for pc.exe)

1 / 68      (Malware)
http://b.mysticed.xyz/hp/?q=md/L55eBfnSoiMOQIKsaasQUfM1x/VEV9rdZPISHBnOPq/VW4zTfDwLMx7LLqCCToOndrA919F1GptZ8oNKPMb MwnJ3bKPs8C0AjxICdp4zNG9wuEA2Q2iLjiGP5BQh7ZI/hlff8ImtBpSSFSxFKGwX0RMiF4ShzCEfQYSFCfEhtg /LfsZr 07x /mmEtaTdjYohh nVQO/8lvt4SNfGUBLwC9BW54ncKZNzXg/MPYOKBZXlx5xJuYO5QUYf6vrVEVYek12OHpOnNAg3vywzTB4WwGQYpdoRaIIgx4Wdt9kBjXBG8lHBrsl9pcYFvI7sbzGAIHASPvDBYK4Ei4orIZUHpxq9ZCf49WlZE7ngcAgLHdNIC2p1dLx92zt7y2hEonNK4SZh5tRXFkmRwV9bHYcI9q5YrEUYYOKibB0sUWlSUrtsTTxPsvPsODvpjHVIADIFGg9skfTe15V 8Z4mki3MvVpcnHzXrwdH3TwFQUwFqDLtsiAUso3RdrZ0eI6VS/Y1spGaHGXEJye8rVc4M fPjt5TZz7VMDnJzjZdYNItOy5UgIgXTFVcq68CPRa3/pD/bZN1Wj3zglsZLNAYlOJNYaD55qEHnx7XYuBLhMGuK7kju8V10KdfhN9HW2V8sn/ 7fU8/.../eQd13vH&external_id=1430155512902024751&uuid=igqo1x4ReFJR02h7T8jyOOWgkSu8YAv8JtgoHaiQze7TkzaxNOFbGDqrXnuZGJSPNOKKw3v7M2Lgq01AhTqe76YrqTowlrR8HgCA0nG88nZcTXcMQJtpqCK5jUiSJiLRYgpfuZt97VVncFnWn3wGajXeMD3uZoEHoGZVOK5z8Dr64Yu2bmxtw8NSLWJixx1mX6qZb1dwCmRtgiQDpYaQKDjxZ3qVefkHiGhCdmd6UxrvJB8vYHRWAVyIgwVbW6SgndRGQX0e8KAtePWt2d  (sketch guru for pc.exe)

22 / 68    (PUP)
http://b.mysticed.xyz/hp/?q=c6k79xYN4MdsNPRJLFvnKq4F28AYGUzKtAVhga9d7C070RB5BnN2v1C1kNAWTot/in6GFTHmT4N7T8e9ZM0fuvrogElN7IzJdsbCHL4lBZpoS9bsODcQGlocTZQMP4Yk8u3hsvBm94xuX3Q8vWRYP FvOHvoiFviK/Vbpsj3IwlUQWsxezKUBK5Ji2YCB0VeKCCD7ScgPjutPvfzyvbfGsEBWvLwcDWmbZ62LwU/5BTtFI5d0uX7dHM8zsKYaWsL7StMadigYH/uUltzwN8FILerS0/2ikuaCFK4oGNXwQlnqYHxcQWIRcDjXgMpoZHcqG2z0AeacNSLjsjRw FFBKw2p2a/huyb9BShvevvrxD wNkqP4EU5k7LegmqNqk6jhmeVfdVX4l4TBB 4iAuVcPd2eGQhd5JFl 4ZS qnnCbFHFUyo87/MOsd5f4lCpUMrhTBry9pmKAlreeHAUa5f ZWrCPMgYxsZzKLDz AhterBTGwvz0Si9nkJ6Xdm7CyIsxhQ/Q0hBDL7rVNLlIJXmV2JRMgR9JeKs k6QaNG3TB3 Um89x19OUMkdEv3UK 0TK0zGOy8R YAlXJRxdPEi6Ez51lYiaN0v0mCDvtOZE9qbd1ePzLxC0BrMq2/erkwUhEWXBzsSbdXcSfNoBrKjvRNG7hg/JZr5R0Vgkd1 pgBT7zCbnTnlfvsPxWtvIejAcyOiE uJdWuldwTL5Qbn15h5RP1qRuXwG4t3gfURFM9bYL0fgwPQ5AfxjbRODb4bfEhlY8dA8tMiX5/dPZD6lRG2RbgBJt3sy2y6 0Lm//zWmOtX7w wn5y4AqJvCBawWaaAZqT9uLlhbuEQa/o2ma/s0x9d8vDBY2xxZvXZlRsK2ogP7cVGTuvEw/J gort//f7qnPIQqZ 0AkYk9P8m/.../kqYKd bY7b41T8DhwjcOUnosgAR540TddsGGK  (the kickdrums - breathe again free mp3 download.exe)

17 / 68    (PUP)
http://b.mysticed.xyz/hp/?q=iefMQLj0w6hP6jlhab7yvWksPbjEXfziuUxLEipbXegdH0818/xq cf1mz0di1UholdsNQsA3pVAGLFJ3/lrtwE0eYR5/FDtPZRMWakCSirSQa7ATu33d0TE3d7X380m97KfPcR2tVuT1bskmt2TJRa2pAx44MPRIN04yIZMGcTGKZzNv3C8S8bSEYDMqGC75HYPwCc1QsTs 5kgFto8ZyqoaWVFme/VZrELStCvUgb3/LIaUUrMyOQILf0vh9RSyvkUsbUHAtmkTOjPgUmROC/nhB4AOpb6cEANIIKy2JhlObe00PFUBient88W7UKgh1ucBhsP/fuZW wBUzlUovzJH2QOoLFFsNGInHtRUzmv59g5wxrWgZzLkxNOuAEhYLFFufxKiHVgsYEckRvuVIQFDa9b4n04NW0TvxlSRW5hqfPZRvAI0stStsihvAiwJ0UGtPPX2MdY7ZUVv91QeE3MQiLgVjqeg3z1VXkR1ChRjSpBY1EzdRmQXS7ZsPY4du1FHgCsqYwNV2HTiMVS4YuzdNXimsRR8QX as3mPI1/Qcf0/m7FwoqBLmsIDeEOg47mjTeuu/RPkwYLXVfE5ty4NJPnrkXD3h36FC1Zh/sXFL9GyX9ifxZFdmrnl16cWjiq8hZ5zOqlrjp3EeUws1CXznCU8WrqvZNwrV87OVeIbgch/KlK7PpihRGhGiKZRSsU/q7E9v2jLlnIjTeytgimfietwN61xlf76dws/wmwZZGG/j/aha4XJcgnbQ7rhkM9yWJxmVQ4xsTr9WOFYBNxdVmag7V/.../PQSqqsdfI9xQMYXq5NhHR  (someone.marry.barry.2014.french.dvdrip.xvid-alboy.zone-telechargement.com.exe)

The following 25 files have been seen to comunicate with b.mysticed.xyz in live environments.

TCP » 185.28.193.192:80
mdquickyksvc.exe (ModenQuick Service by PT. USENET)

TCP » 185.28.193.192:80
mdruyksvc.exe (ModernRu Service by PT. USENET)

TCP » 185.28.193.192:80
winmbskillssvc.exe (MobinSkills Service by PT.USENET)

TCP » 185.28.193.192:80
triggerlogs.exe

TCP » 185.28.193.192:80
wdm.bin

TCP » 185.28.193.192:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 185.28.193.192:80
winmbtuscasvc.exe (MobinTusca Service by PT.USENET)

TCP » 185.28.193.192:80
online-guardian-v2.0.9.exe

TCP » 185.28.193.192:80
Downloader.exe (Downloader)

TCP » 185.28.193.192:80
onlineguardian-v2.exe

TCP » 185.28.193.192:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 185.28.193.192:80
d9re-markablep23.exe

TCP » 185.28.193.192:80
winzillsvc.exe (ModenZill Service by PT.USENET)

TCP » 185.28.193.192:80
online-guardian.exe

TCP » 185.28.193.192:80
online-guardian-v2.exe

TCP » 185.28.193.192:80
update.exe (by Winner Updater Solutions)

TCP » 185.28.193.192:80
windilandsvc.exe (ModinLand Service by PT.USENET)

TCP » 185.28.193.192:80
windihepssvc.exe (ModinHeps Service by PT.USENET)

TCP » 185.28.193.192:80
windimixsvc.exe (ModinMix Service by PT.USENET)

TCP » 185.28.193.192:8000
buool.exe (LgGJSHMt)

 
Latest 20 of 25 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.