home

www.appworldranch.com

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
appworldranch.com

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.MB, PUP.installCore (M), Threat.Win.Reputation.IMP, PUP.InstallCore.RES (M)
88.89%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
11.11%

F-Secure
Application:W32/Generic.70053c248f!Online
11.11%

Malwarebytes
PUP.Optional.InstallCore
11.11%

Avira AntiVirus
PUA/InstallCore.613319
11.11%

AhnLab V3 Security
PUP/Win32.Downloader
11.11%

Qihoo 360 Security
HEUR/QVM20.1.Malware.Gen
11.11%

The domain www.appworldranch.com has been seen to resolve to the following 38 IP addresses.

52.84.125.87
server-52-84-125-87.iad16.r.cloudfront.net
August 5, 2016

52.84.125.51
server-52-84-125-51.iad16.r.cloudfront.net
August 5, 2016

52.84.125.20
server-52-84-125-20.iad16.r.cloudfront.net
August 5, 2016

52.84.125.251
server-52-84-125-251.iad16.r.cloudfront.net
August 5, 2016

52.84.125.237
server-52-84-125-237.iad16.r.cloudfront.net
August 5, 2016

52.84.125.182
server-52-84-125-182.iad16.r.cloudfront.net
August 5, 2016

52.84.125.122
server-52-84-125-122.iad16.r.cloudfront.net
August 5, 2016

52.84.125.111
server-52-84-125-111.iad16.r.cloudfront.net
August 5, 2016

52.85.131.80
server-52-85-131-80.iad53.r.cloudfront.net
July 17, 2016

52.85.131.65
server-52-85-131-65.iad53.r.cloudfront.net
July 17, 2016

52.85.131.10
server-52-85-131-10.iad53.r.cloudfront.net
July 17, 2016

52.85.131.232
server-52-85-131-232.iad53.r.cloudfront.net
July 17, 2016

52.85.131.149
server-52-85-131-149.iad53.r.cloudfront.net
July 17, 2016

52.85.131.135
server-52-85-131-135.iad53.r.cloudfront.net
July 17, 2016

52.85.131.84
server-52-85-131-84.iad53.r.cloudfront.net
July 17, 2016

52.85.131.30
server-52-85-131-30.iad53.r.cloudfront.net
April 14, 2016

52.85.131.235
server-52-85-131-235.iad53.r.cloudfront.net
April 14, 2016

52.85.131.206
server-52-85-131-206.iad53.r.cloudfront.net
April 14, 2016

52.85.131.196
server-52-85-131-196.iad53.r.cloudfront.net
April 14, 2016

52.85.131.167
server-52-85-131-167.iad53.r.cloudfront.net
April 14, 2016

52.85.131.114
server-52-85-131-114.iad53.r.cloudfront.net
April 14, 2016

52.85.131.51
server-52-85-131-51.iad53.r.cloudfront.net
April 14, 2016

52.85.142.204
server-52-85-142-204.iad12.r.cloudfront.net
April 6, 2016

52.85.142.201
server-52-85-142-201.iad12.r.cloudfront.net
April 6, 2016

52.85.142.101
server-52-85-142-101.iad12.r.cloudfront.net
April 6, 2016

52.85.142.51
server-52-85-142-51.iad12.r.cloudfront.net
April 6, 2016

52.85.142.8
server-52-85-142-8.iad12.r.cloudfront.net
April 6, 2016

52.85.142.227
server-52-85-142-227.iad12.r.cloudfront.net
April 6, 2016

52.85.142.221
server-52-85-142-221.iad12.r.cloudfront.net
April 6, 2016

52.85.142.216
server-52-85-142-216.iad12.r.cloudfront.net
April 6, 2016

 
Showing 30 of 38 IP Addresses

File downloads found at URLs served by www.appworldranch.com.

1 / 68      (PUP)
http://www.appworldranch.com/.../installer.exe  (d5ca90c17135c2b5a54fd3080d52d59a)

1 / 68      (Malware)
http://www.appworldranch.com/.../installer.exe  (76d3ba27f4a80aaf0172060fec1631e2)

3 / 68      (PUP)
http://www.appworldranch.com/.../installer.exe  (installer.exe.torchdownload)

2 / 68      (false positives)
http://www.appworldranch.com/.../installer.exe  (wrar420.exe)

3 / 68      (PUP)
http://www.appworldranch.com/.../installer.exe  (da1f9c647fcf0abb3d20b823990cf57a)

1 / 68      (PUP)
http://www.appworldranch.com/.../installer.exe  (2defcc8d476c5cf0de281de75697f9f7)

1 / 68      (PUP)
http://www.appworldranch.com/.../installer.exe  (923ab6078f72435521b88d68bd076bb0)

1 / 68      (Malware)
http://www.appworldranch.com/.../installer.exe  (ddfd33bd3ea54b727bef5a3877d0f819)

1 / 68      (PUP)
http://www.appworldranch.com/.../installer.exe  (d2d7d6916bc8272be0657c4497abc83e)

The following 27 files have been seen to comunicate with www.appworldranch.com in live environments.

TCP » 52.85.142.51:443
UCBrowser.exe (by UCWeb)

TCP » 52.85.142.216:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.227:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.131.30:443
browser.exe (Browser)

TCP » 52.85.131.84:443
browser.exe (Browser)

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.201:443
browser.exe (Browser)

TCP » 52.85.142.221:80
browser.exe (Browser)

TCP » 52.84.125.237:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.201:443
apptrailers.exe

TCP » 52.85.142.221:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.221:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.8:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.20:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.8:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.111:443
Client.exe

TCP » 52.84.125.237:80
Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.251:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.85.131.10:443
browser.exe (Browser)

 
Latest 20 of 95 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.