home

www.applicationsmetauniverse.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
applicationsmetauniverse.com

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore (M), PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.FC.Installer (M), PUP.InstallCore.RE11 (M)
90.91%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
9.09%

F-Secure
Application:W32/Generic.70053c248f!Online
9.09%

ESET NOD32
Win32/InstallCore.AFF.gen potentially unwanted application
9.09%

The domain www.applicationsmetauniverse.com has been seen to resolve to the following 18 IP addresses.

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
August 29, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
August 29, 2016

52.36.112.186
ec2-52-36-112-186.us-west-2.compute.amazonaws.com
August 29, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
August 29, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 4, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 4, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 4, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 16, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 17, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 17, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
February 29, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
February 29, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
February 29, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
February 29, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
February 29, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
February 29, 2016

File downloads found at URLs served by www.applicationsmetauniverse.com.

1 / 68      (PUP)
http://www.applicationsmetauniverse.com/c?x=G0SSluBZsi30nCI/ZlZDzkFjwhqZ/khtrzdpDyPLOWI=&c=Atbbr VJp8TAdp2ecpsntn6Z4wVG3Jq8gYqRiFIkf0 C5ukilcaPWSNIue82bGhyvbr8JIFxg21dvjeSd4AYvYR6WDy hAK0Q0CXeJb vtpUGTXEcAFbL FUc8QSFWBpTNML1D/qvAGEyPVuZTPs/w==&fallback_url=http://ftp.halifax.rwth-aachen.de/tdf/libreoffice/stable/5.0.4/win/.../LibreOffice_5.0.4_Win_x64.msi&downloadAs=LibreOffice-21562-dp.exe  (3fd11920e281929d98607c2952271b13)

1 / 68      (PUP)
http://www.applicationsmetauniverse.com/c?x=/lfHgyyeHeyYyP7dVMibmv5B9YAiEVf 4 NiLrAyV 8=&c=CM4ZtzEFBz1frYSs tB20RIhtEaKV8sJYGHh7pNvfSPrmy8jySyvUejzZR0PARKMet YcwaR483hi92aIy6HOUfgBR5tNi0287qfpwAOheCGFdz7JZe3EOCLKm9lmP Eto4XBXLPEK38h5x1x33iXQ==&fallback_url=https://mirillis.com/.../action_1_29_0_setup.exe&downloadAs=Action-33680-dp.exe  (98fccbdf5d913b5c4e8e314ac68f50ce)

2 / 68      (PUP)
http://www.applicationsmetauniverse.com/c?x=r1lI3EiLCpELCItfbpZGubSppKac1CbTns37VDcWey8=&c=/ayZgbOTR1gBoqembuYdNjEsr087Avz4uiMG6JCbwb8XHKZzx8BWckKlYErEyFf5xKnlMYB5Czs SQVkD8hpfIh ClOoFq7IA3E0n/OGt/bzAQzl4PkQm84hcKqB8uEs&fallback_url=http://download.skype.com/.../SkypeSetupFull.exe&downloadAs=Skype-13018-dp.exe  (6210600fbb28861c839c02f99636b100)

1 / 68      (Adware)
http://www.applicationsmetauniverse.com/c?x=aAIE4SzfM2LOje4hJeZtZqk/k14lBWIM6b0zcDx1QzA=&c=dM0IYEXBO j6td1WfQrwnAekRBpqTRA7WgAxws1s2p9S/te13hirmDmi/4ORfO7LMTZi7MBfwYqWSyTBieFB Kg/g1Oojc3vONZc0ZuVsbVGobdHtLNUs/GDC994894e&fallback_url=http://www.driverupdate.net/.../SlimDrivers-setup.exe&downloadAs=SlimDrivers-25819-dp.exe  (4b35fcdc56b9b99b9e4b1ed85594e71c)

1 / 68      (Adware)
http://www.applicationsmetauniverse.com/c?x=GC6SgmjycLGLQsXorpuIrRDvK7mo3BoXCUQQS8ufnkg=&c=XZWiDIHleJYVYe2lpYdn/EvI3PdFVfMK4h jML89Uv9FM gV9DNg7VxoBENQTEevl0sAQMZJQVd4dy1MFVw4U9S3Wkxb8MlnINxECfXVJ6fDHApG90rMGJDXlKEjXzfAROIrdCQVL9BqWJXfBylxTQ==&fallback_url=http://.../7capture-setup.exe&downloadAs=7capture-40232-dp.exe  (46b67221dcbd96a753940f02e8d43a20)

1 / 68      (Adware)
http://www.applicationsmetauniverse.com/c?x=CLEzg66LiE/LJ926HQIYFBEFfbtQsbgSW6 18m9IZvI=&c=Iqmk63padIHod4FkG42EWHrNoO/zQ4EhId7nEFlcBzJaYRgyk3KX4H1Y nOOKhPp3OQVrH7ItkpyazlStR6HmhU3vq2hXyoxZL7Rh3qeCeXEsr67NsaVqvOQ92PHBCPf&fallback_url=http://www.allplayer.org/.../ALLPlayerPL.exe&downloadAs=ALLPlayer-13217-dp.exe  (316fa22f271213161c923696f6e220f4)

1 / 68      (Adware)
http://www.applicationsmetauniverse.com/c?x=/hzDI8S9HKOm3YNHndxqf6geiMLedrdd6pXlW1eaxO0=&c=L0jyQqnSrvvTYGd Y8xtLd9vyFjb1laC7oKri3o/MLKZ4c3LZVvCP5cNZWCXXdLbkIhSmtB8qX oS/DuNAIFIILpHftDsFjXTRWp9M0TIAnYMqhP94qd9YLQRvUn1p8l&fallback_url=http://www.rarlab.com/.../winrar-x64-530.exe&downloadAs=WinRAR-12398-dp.exe  (a87ebf20c35055d2c3aa24414796b3e3)

2 / 68      (false positives)
http://www.applicationsmetauniverse.com/c?x=pehLnVBEaehqAgkTNMBLvm7gZcEW52pDqK0gg333EXI=&c=HVNzuE9ag05n8 CN3XjQehv9C2T2Sy LncAttp1oSTqbFgzqqXokddeqrrpf5Yc8NTLczFlaBbD1FJI3XUxkUbMbZ/jZrR8E69 YiuIO2wcCI 4fSuR/DKXHZn8Wu Q3W20BaUtrkYQoGDMeXYOhw==&fallback_url=http://.../YTDInstaller.exe&downloadAs=YTD-Video-Downloader-27896-dp.exe  (wrar420.exe)

0 / 68
http://www.applicationsmetauniverse.com/http://www.applicationsmetauniverse.com/c?x=nBE/GeLxr/gneD0NSRBbsyCWN6/xhjScZwdp79uWPDQ=&c=qr8G05D4TdpKUZ/msM8oUAuQEwy9hW8NbPEaxsECOieFcEftoLhXBdknpfwKdZ4DFatfn84ZWMuS/gBx2ofInRgYFVVWcfMPrJd2AsVsZouqZ97H/SAKLu2uoEFK qdoOBj5KcjLS0Klgp46fgS4dA==&fallback_url=http://ftp.adobe.com/pub/adobe/reader/win/11.x/11.0.00/.../AdbeRdr11000_pl_PL.exe&downloadAs=Adobe-Reader-XI-21590-dp.exe=  (0931b4c78cb49a8204a4aa0a1e2c4f44)

1 / 68      (Adware)
http://www.applicationsmetauniverse.com/c?x=vQaDtg2DpSNdMwqSKNNOVoRFP1ImZrlMGoxSmumLuoA=&c=FTuPcV5sSlDWFZqzFbghl0O7P0WzxZJcCrUjovUtaI9M/hHnrFFAzKyt6R qBRYV9BgXFud9kiQ4d890fvr8xXlRxcB4dlhLvsS3HrMnVE4rYA0G6zct3XPafFXEmoHF&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/43.0.4/win64/.../Firefox Setup 43.0.4.exe&downloadAs=Firefox-13108-dp.exe  (6b93bead50275ef04973f401daf16415)

1 / 68      (Adware)
http://www.applicationsmetauniverse.com/c?x=r4ZpY4Sm88X4h0J1WPytxvEZVrlTSHXDQDjieg6nWBo=&c=BfeJzZk0t6u s0kG0zvHbcvfid0lQpi7YStK8hAW4IqWcPhgEpFuK7nFq41dgNtKzWZEr7X56czSpqiHT2ud3INJE5EzhsFiQNe3pwrkS0Zh0jLPlK9FKkrjViWvVgPRYX8VN4y1xCl6flyxwwFLsA==&fallback_url=http://www.driverupdate.net/.../SlimDrivers-setup.exe&downloadAs=SlimDrivers-25819-dp.exe  (e2e647a4850e4d4b2a6ef052181d96ab)

1 / 68      (PUP)
http://www.applicationsmetauniverse.com/c?x=jsi7OaJlGiPmmKNBgX1yjSo09Kci1YhSlCMRE8j1GAE=&c=OcqUDlUygY6P1HmuVBoExHtnjB5p1MPue1huqJwxdcEsv53aHtsPVy8sFt/d2BReiC/JohKcit/CanojDE/EMg174MAbB WM3/gBPUcTHyRbVeD7xjbd4xRQrBCXxyjB&fallback_url=http://download.cdn.bearshare.com/cdn/r/.../BearShareSetup.exe&downloadAs=BearShare-12831-dp.exe  (6d1f38631775e8ff8f2a3d8e0b5ac978)

The following 23 files have been seen to comunicate with www.applicationsmetauniverse.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80
Client.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
browserair.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

 
Latest 20 of 59 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.