Domain > hmgame.net

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://www.malware-traffic-analysis.net/2016/03/18...

https://otx.alienvault.com/pulse/56ec8aff4637f2285...

http://www.malware-traffic-analysis.net/2016/03/18...

https://ransomwaretracker.abuse.ch/downloads/RW_UR...

Files that talk to hmgame.net

MD5	A/V
7ccc4b8953bcea7831c48e1a7eda61eb	[Trojan.Downloader.JSSW] [JS/Nemucod.ds] [Trojan.Downloader.JSSW] [JS.Downloader] [JS/TrojanDownloader.Nemucod.JN] [Trojan-Downloader.JS.Cryptoload.gg] [Trojan.Downloader.JSSW] [Troj/JSDldr-FI] [Trojan-Downloader:JS/Locky.D] [JS/Nemucod.ds] [JS/Locky.KT.30] [TrojanDownloader:JS/Locky.A] [HEUR.JS.Trojan.b] [Trojan.Downloader.JSSW] [Trojan.Downloader.JSSW] [Js.Trojan.Raas.Auto] [Trojan-Downloader.JS.Nemucod] [JS/Nemucod.JN!tr.dldr]
36876e94ffe785addb9b21e85f78b2fd	[Ransom_HPCRYPTESLA.SMJ9] [W32/Kryptik.EQMA!tr]
6f03af67277b572c1ccbe5d9bf72e22e	[Ransom.TeslaCrypt] [BehavesLike.Win32.VirRansom.fc] [W32/Kryptik.ERHM!tr]
520c057695e867821e1ff25570683899	[Win32.Trojan.Filelocker.Srng]
a5af9a8d582553b8cc39a91a3f04db56	[Win32.Trojan.WisdomEyes.151026.9950.9999]
bf0c8086d1fdec1704070e35ca845b06	[HW32.Packed.92D0] [Win32.Trojan.Kryptik.qc] [Suspicious.Cloud] [Trojan.Win32.Ranosm.215304[h]] [Win32.Trojan.Inject.Auto]
61465a74eba9183c022445de41f7a144	[HW32.Packed.EB81] [Ransom.TeslaCrypt] [Suspicious.Cloud.5] [Ransom_LOCKY.AP] [Trojan-Ransom.Win32.Bitman.syh] [Ransom_LOCKY.AP] [BehavesLike.Win32.VirRansom.fc] [TR/AD.TeslaCrypt.Y.431] [Win32.Trojan.Raas.Auto] [W32/Kryptik.ERHM!tr] [Ransom_r.Q]
ec7cc7e76b217ca41ccbeedfdcd52e63	[Win32.Trojan.WisdomEyes.151026.9950.9997]
e522bfbce4d10eb94d54026cf8843e96	[HW32.Packed.632F] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9983] [Suspicious.Cloud.5] [Win32.Trojan.Raas.Auto] [BehavesLike.Win32.VirRansom.fc] [TR/AD.TeslaCrypt.Y.432] [Trojan/Win32.Teslacrypt]
a165ccca8b3af62e376de298f95ac1c2
0813d7d89b8a451aa29ae0ecfd77221f	[Ransom.TeslaCrypt] [Win32.Trojan.Kryptik.qb] [Win32/Filecoder.TeslaCrypt.K] [Win32.Trojan.Filelocker.Dkt]
576843410270ed36335d3aacf0564107	[HW32.Packed.7A43] [Ransomware-FGW!F88022E28D6C] [Ransom.TeslaCrypt] [Ransom_.C2E94461] [Trojan-Ransom.Win32.Bitman.tgx] [Ransom_.C2E94461] [Trojan.Mikey.D826A] [W32/Kryptik.ERLK!tr] [Ransom_r.Q]
485f51a05a662cbba15844735e115170	[HW32.Packed.6592] [Trojan.Crypt.KW] [Ransom.TeslaCrypt] [Trojan.Crypt.KW] [Win32.Trojan.Kryptik.qc] [W32.IRCBot.NG] [Ransom_CRYPTESLA.YKA] [Trojan-Ransom.Win32.Bitman.thr] [Trojan.Win32.Ranosm.215304[h]] [Uds.Dangerousobject.Multi!c] [Win32.Trojan.Kryptik.Pctb] [Trojan.Crypt.KW] [Trojan.Crypt.KW] [Trojan.AVKill.60586] [Ransom_CRYPTESLA.YKA] [BehavesLike.Win32.PWSZbot.dh] [W32/Trojan.AOQI-6889] [TR/Crypt.Xpack.434496] [Trojan[Ransom]/Win32.Bitman] [Trojan.Crypt.KW] [Trojan/Win32.Teslacrypt] [Trojan.Crypt.KW] [Trojan.Win32.Crypt] [W32/Kryptik.ERLT!tr] [Crypt5.AQBK]
056b6e039677bea230b470b001fe5b44
778ecc620c2fbea260c7c2c1ec15b387	[Artemis!778ECC620C2F] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9972] [Win32/Filecoder.TeslaCrypt.K] [Trojan.AVKill.60596] [BehavesLike.Win32.Downloader.gh] [TR/Crypt.Xpack.434809] [Trojan.Graftor.D4336C] [Trojan/Win32.Teslacrypt] [Trojan:Win32/Dynamer!ac] [FileCryptor.IQJ]
093998d8f98531ac609eee69d8645380	[HW32.Packed.3A17] [Trojan.Crypt.KW] [Ransom.TeslaCrypt] [Win32.Trojan.Kryptik.qc] [W32.IRCBot.NG] [Ransom_CRYPTESLA.YKA] [Trojan-Ransom.Win32.Bitman.thp] [Trojan.Crypt.KW] [Trojan.Win32.Ranosm.215304[h]] [Uds.Dangerousobject.Multi!c] [Trojan.Crypt.KW] [Trojan.Crypt.KW] [Trojan.AVKill.60586] [Ransom_CRYPTESLA.YKA] [BehavesLike.Win32.PWSZbot.dh] [TR/Crypt.Xpack.434496] [Trojan[Ransom]/Win32.Bitman] [Trojan.Crypt.KW] [Trojan/Win32.Teslacrypt] [Trojan.Crypt.KW] [Win32.Trojan.Inject.Auto] [Trojan.Win32.Crypt] [W32/Kryptik.ERLT!tr] [Crypt5.AQBK]
19e72973308f8346c3dc5684ec8f9ce8	[Win32.Trojan.WisdomEyes.151026.9950.9995]
63384347ea7cf0c0dfc35490fba29ed8	[Artemis!63384347EA7C] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9995] [Trojan.Cryptolocker.N] [Trojan.Win32.Yakes.pgxq] [Trojan.AVKill.60613] [Artemis] [TR/Crypt.Xpack.435157] [Trojan/Win32.Teslacrypt] [Win32.Trojan.Filelocker.Wlzc] [FileCryptor.IQF]
2934522366cfc9cbf1b69668ce962d6b	[Ransom_HPCRYPTESLA.SMJ9] [W32/Kryptik.EQMA!tr]
5ecb683d392554a04a251699c18df517	[Ransom.TeslaCrypt] [Win32.Trojan.Kryptik.qb] [Trojan.Cryptolocker.N] [Ransom_CRYPTESLA.USVNC18] [Trojan.Win32.AVKill.ebbaro] [Trojan.Win32.U.TeslaCrypt.407428[h]] [Trojan.AVKill.60617] [Ransom_CRYPTESLA.USVNC18] [TR/Crypt.Xpack.435267] [Ransom:HTML/Tescrypt.E] [Trojan/Win32.Teslacrypt] [Trj/GdSda.A] [Win32/Filecoder.TeslaCrypt.K] [Win32.Trojan.Filelocker.Tapn] [Trojan.Win32.Filecoder] [Malicious_Behavior.VEX.99] [FileCryptor.IQN]

Whois

Property	Value
Email	hmgame.net@gmail.com
NameServer	NS2.BLUEHOST.COM
Created	2012-12-18 00:00:00
Changed	2015-04-07 00:00:00
Expires	2022-12-18 00:00:00
Registrar	WEB COMMERCE COMMUNI

DNS Resolutions

Date	IP Address
2016-03-16	66.147.244.86 (ClassC)
2016-03-18	67.222.61.47 (ClassC)
2019-08-15	104.28.11.229 (ClassC)
2019-09-06	104.28.10.229 (ClassC)
2022-01-24	188.114.96.3 (ClassC)
2022-01-24	188.114.96.0 (ClassC)
2022-01-24	188.114.97.3 (ClassC)
2022-01-24	188.114.97.0 (ClassC)
2022-01-31	188.114.97.15 (ClassC)
2022-01-31	188.114.96.15 (ClassC)
2023-07-28	188.114.96.2 (ClassC)
2023-07-28	188.114.97.2 (ClassC)
2023-09-17	188.114.97.1 (ClassC)
2023-09-17	188.114.96.1 (ClassC)
2023-09-19	188.114.96.7 (ClassC)
2023-09-19	188.114.97.7 (ClassC)
2025-02-05	104.21.16.1 (ClassC)
2025-05-27	104.21.112.1 (ClassC)
2025-06-14	104.21.64.1 (ClassC)
2025-08-24	104.21.48.1 (ClassC)
2025-08-28	104.21.96.1 (ClassC)
2025-09-03	104.21.80.1 (ClassC)
2025-09-11	104.21.32.1 (ClassC)
2025-12-11	104.21.15.208 (ClassC)
2026-01-04	172.67.164.60 (ClassC)

Port 80

Port 443

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]