home

www.appsranchdl.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
appsranchdl.com

Scanner detections:
Detections  (67% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore (M), PUP.InstallCore.AC (M)
85.71%

Qihoo 360 Security
Trojan.Generic
14.29%

The domain www.appsranchdl.com has been seen to resolve to the following 10 IP addresses.

52.34.184.36
ec2-52-34-184-36.us-west-2.compute.amazonaws.com
September 5, 2016

52.36.112.186
ec2-52-36-112-186.us-west-2.compute.amazonaws.com
August 26, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
August 13, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
August 13, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
August 13, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
August 13, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
August 13, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
August 13, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
August 13, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
August 13, 2016

File downloads found at URLs served by www.appsranchdl.com.

1 / 68      (PUP)
http://www.appsranchdl.com/.../9hFTdhqGBeWN2a4cHEkI x1F2R83LTccrB5Jl68mDMbOBUH R2w4pYp1 E1hUsdLcRkS8d1hnLIIe k9uGhy9FWp78n5fUml53LasdKwRDSK0bZg&downloadAs=TomsInstaller.exe  (4fd39b322a260adf24a0216ae08890df)

1 / 68      (Adware)
http://www.appsranchdl.com/c?x=PCQB0mq2XOl8krLdTXnQ1oTXuCkEBIxTQCz9/ZnmibQ=&c=eKSCHcvux0izBsFR2jGGZGOdpo6C8lA0Ax4L1E6HCyUScsKlcLwsuXs/KshK2hNswixnKYJY8/.../uC2WAqecUJAlAWO3YIAsGZxx0IACA8eURqs4zC9&downloadAs=TomsInstaller.exe  (minecraft.exe)

1 / 68      (Adware)
http://www.appsranchdl.com/.../JZd0fNb7rW6cksXbQ1hWNiUKavq5ctkBO7Ko8SLfNe 48zthH6ndZ2P l241gGkCPXX hBfGMk2pPiAPhwYDqwbh2Uytd3rtOv3jFmknkFiFMG6WMjMD46Ir4o&downloadAs=TomsInstaller.exe  (minecraft.exe)

0 / 68
http://www.appsranchdl.com/c?x=d5QtB8fKWHa2jv481QaRYX4 vAuvNV2j2VhK iRJynE=&c=we8G18p5BnEr3pFh1abrBKH6AUOkRrbowK3Pexvnwrd0FmH35m/.../aKdVWDoHFXfVmSEdYQBK39ltP5FhKcTuPzf3FSb9pPh7gpYU8ApdlEb&downloadAs=TomsInstaller.exe  (minecraft.exe)

1 / 68      (PUP)
http://www.appsranchdl.com/c?x=FRZsj94xYD ATcpsIxFUs0gypiqG8/9polEhlUa9Zr8=&c=RVW3C5L813yD53XfCYwD3AaZDnTiErSBmsRoPM1I/N l34SSxJwkqFrAS/.../ZwRApaI5ESbxx7LJDbprmsqiO4v3xH1RqxQY9GNds1jHTP fXJqIbVR3do5YSLG&downloadAs=TomsInstaller.exe  (622cee0d6388aed3bbe69a465d489d0c)

1 / 68      (PUP)
http://www.appsranchdl.com/c?x=Y7Vb4QR53VmBNNQgHGKlcJCmXIWh6yio5qcap6b6PBk=&c=WUaZzEUJ3 O/RtQkn9rN7Sxvgs2mPh/.../UwNQ4fDVOVUXqDEjfE2asuk23f7eGOIwrnjlbrQKW2XDc7f4IFMrbCbQevljDhCNtHvtuVsJoZoYn0PFeDoJd&downloadAs=TomsInstaller.exe&_ga=1.197581223.967042814.1469893384  (5f579dcc21ae5f8d7534e49d5692fd36)

0 / 68
http://www.appsranchdl.com/c?x=5WI3JtTQZLq9AmzVUjf30viFk4il7GPrNqxbn248jzc=&c=q3jdR0/Fv0vOoef/.../EpIIrzfcauORfiyRkw&downloadAs=TomsInstaller.exe  (itoolssetup_en_3.1.8.7.exe)

1 / 68
http://www.appsranchdl.com/c?x=jZJ5PT4r fiKbe2FHeOJCsMqWhsiYZ0y92SY284GHt4=&c=GW1yY l7 uR KPa1NU7RUWMTwLcE yiABSFPx7GDxlQl83Re2Ml355AXnQLiNkA0mOwoMYxx yY5hPr3UN88Hjv7Cggr6gPzEtWznitZKwlk7gQ4ZsvQKagrM3BeePMI&downloadAs=TomsInstaller.exe  (8gadgetpackuninstaller.exe)

1 / 68      (PUP)
http://www.appsranchdl.com/c?x=3AIOg01V/.../dHEv3b8Vf&downloadAs=TomsInstaller.exe  (dd359632ef9b2d6248aa6bd79a1365b5)

The following 50 files have been seen to comunicate with www.appsranchdl.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.34.184.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.34.184.36:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.34.184.36:80
browser.exe (Browser)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.34.184.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.34.184.36:80
BrowserSafer.exe (BrowserSafer by Installer Technology Co)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.34.184.36:80
Client.exe

 
Latest 20 of 100 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.