home

plantsvszombies.luckycitygames.com

HICHAM TIMOURI

Domain Information

The domain plantsvszombies.luckycitygames.com registered by HICHAM TIMOURI was initially registered in August of 2015 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beauharnois, Quebec within Canada.
Registrar:
ENOM, INC.

Server location:
Quebec, Canada (CA)

Create date:
Wednesday, August 26, 2015

Expires date:
Friday, August 26, 2016

Updated date:
Monday, January 4, 2016

ASN:
AS16276 OVH OVH SAS,FR

Root domain:
luckycitygames.com

Whois:
1 luckycitygames.com record

Scanner detections:
Detections  (64% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/InstallMonetizer.AN potentially unwanted application, Win32/Sality.NBA virus
61.11%

avast!
NSIS:InstMonetizer-CA [PUP], Win32:Kukacka, Win32:SaliCode, Win32:Sality, Win32:Evo-gen [Susp]
55.56%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Threat.Undefined
38.89%

Reason Heuristics
PUP.InstallMonetizer.ET (M), Threat.Win.Reputation.IMP
38.89%

F-Prot
W32/Sality.gen2, W32/Sality.E.gen
27.78%

VIPRE Antivirus
Threat.4150696, Threat.4721115
22.22%

Dr.Web
Win32.Sector.30
22.22%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
16.67%

Kaspersky
not-a-virus:AdWare.Win32.InstallMonster, Virus.Win32.Sality
16.67%

Emsisoft Anti-Malware
Win32.Sality
16.67%

AVG
Win32/Sality
16.67%

F-Secure
Application:W32/Generic.70053c248f!Online, Win32.Sality.3
11.11%

ESET NOD32
Win32/InstallMonetizer.AN potentially unwanted
11.11%

McAfee
Trojan.Artemis!52EA49057087
11.11%

Norman
Win32.Sality.3
11.11%

The domain plantsvszombies.luckycitygames.com has been seen to resolve to the following 2 IP addresses.

192.95.62.230
February 6, 2016

192.95.1.220
node5.heberfacile.net
January 4, 2016

File downloads found at URLs served by plantsvszombies.luckycitygames.com.

0 / 68
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamemanager.exe)

1 / 68      (inconclusive)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

7 / 68      (Infected)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

6 / 68      (Malware)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (mygamesetup.exe)

0 / 68
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

2 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamemanager.exe)

1 / 68      (inconclusive)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (mygamesetup.exe)

2 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

3 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

1 / 68      (Malware)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamemanager.exe)

13 / 68    (Infected)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamemanager.exe)

11 / 68    (Infected)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamemanager.exe)

5 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamemanager.exe)

2 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

0 / 68
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

2 / 68      (false positives)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (wrar420.exe)

3 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

1 / 68
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (install_plants_vs_zombies.exe)

3 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (gamedownloadmanager_v2.2.6.exe)

3 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (game_setup.exe)

5 / 68      (PUP)
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (mygamesetup.exe)

0 / 68
http://plantsvszombies.luckycitygames.com/plants-vs-zombies_s1_l1_gF5038T1L1_d2549678107.exe  (criminal-minds_s1_l1_gf7141t1l1_d2282208629.exe)

URL:
http://plantsvszombies.luckycitygames.com/

Title:
“Index of /”

Web server:
Apache

gtaplaystore.com

softomato.com

turbodisk.net

uploadtobox.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.