home

get.bmmedia.net

LLC Lega media

Domain Information

The domain get.bmmedia.net registered by LLC Lega media was initially registered in April of 2013 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Wednesday, April 17, 2013

Expires date:
Wednesday, April 17, 2019

Updated date:
Monday, April 14, 2014

ASN:
AS35415 WEBZILLA Webzilla B.V.,NL

Root domain:
bmmedia.net

Whois:
2 bmmedia.net records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.Z, PUP.Installer.Amonetizeltd.BB, PUP.Installer.Amonetizeltd.F, PUP.Optional.WinnerSolutions.L, PUP.OOOLegaMedia.Installer (M), PUP.Cascade.Installer (M), PUP.ROSA.Installer (M), Threat.Win.Reputation.IMP, PUP.MediaStr.Installer (M)
100.00%

Dr.Web
Adware.Downware.1528, Adware.Downware.1833, Adware.Downware.2467, Adware.Downware.2095
40.00%

VIPRE Antivirus
Amonetize, Threat.4150696
40.00%

Malwarebytes
PUP.Optional.Amonetize, PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize.A
30.00%

Trend Micro House Call
TROJ_GEN.F47V1003, TROJ_GEN.F47V0123, TROJ_GEN.F47V0409
30.00%

Sophos
Amonetize
30.00%

Avira AntiVirus
ADWARE/Adware.Gen2, APPL/Downloader.Gen
30.00%

ESET NOD32
Win32/Amonetize (variant), Win32/Amonetize.AD (variant), Win32/Amonetize.AJ (variant)
30.00%

Comodo Security
ApplicUnwnt
20.00%

avast!
Win32:Amonetize-E [PUP], Win32:Amonetize-AM [PUP]
20.00%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:Downloader.Win32.Agent
20.00%

Bkav FE
W32.Clodbea.Trojan
10.00%

K7 AntiVirus
Unwanted-Program
10.00%

Emsisoft Anti-Malware
Trojan.Win32.StartPage
10.00%

McAfee
Adware-Amonetize!2F5C2A2569FF
10.00%

The domain get.bmmedia.net has been seen to resolve to the following 2 IP addresses.

188.164.255.164
April 2, 2016

78.140.170.124
February 5, 2014

File downloads found at URLs served by get.bmmedia.net.

1 / 68      (Adware)
http://get.bmmedia.net/.../?id=t9ef&sub=notif&nor=1  (downloadsetup.exe)

1 / 68      (PUP)
http://get.bmmedia.net/.../?sub=notif&nor=1&z=2  (downloadsetup_07dax.exe)

1 / 68      (Malware)
http://get.bmmedia.net/.../?sub=notif&nor=1&z=2  (downloadsetup__7818_i1340494849_il170.exe)

1 / 68      (Adware)
http://get.bmmedia.net/.../?sub=notif&nor=1&z=2  (downloadsetup_89n4u.exe)

1 / 68      (PUP)
http://get.bmmedia.net/.../?id=t9ef&sub=notif&nor=1  (downloadsetup.exe)

12 / 68    (Adware)
http://get.bmmedia.net/.../?id=t19c&sub=&lang=ru&url=&name=BitMaster  (herdProtect__2309_il1776821.exe)

1 / 68      (Adware)
http://get.bmmedia.net/.../?id=t00d&sub=boxmp3&name=Gregory Porter - Liquid Spirit (2013)&url=&lang=ru&nor=1  (gregory_porter_liquid_spirit_2013__s.exe)

10 / 68    (PUP)
http://get.bmmedia.net/.../?id=t19c&sub=&lang=ru&url=&name=BitMaster  (bitmaster_s.exe)

12 / 68    (Adware)
http://get.bmmedia.net/.../?id=t755&sub=&name=BitMaster&url=  (setup.exe)

12 / 68    (Adware)
http://get.bmmedia.net/.../?id=t755&sub=&name=BitMaster&url=  (skymonkam__2155_il1049495.exe)

12 / 68    (Adware)
http://get.bmmedia.net/.../?id=t755&sub=&name=BitMaster&url=  (skymonkam__2155_il1049495.exe)

The following 3 files have been seen to comunicate with get.bmmedia.net in live environments.

TCP » 188.164.255.164:443
bitmaster.crx

TCP » 188.164.255.164:443
bitmaster.crx

TCP » 188.164.255.164:443
bitmaster.crx

URL:
http://get.bmmedia.net/

Google Analytics:
UA-45106050

Title:
“BitMaster - Home”

Web server:
Apache/2.2.22 (Ubuntu) (PHP/5.4.9-4ubuntu2)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.