» www.capitalapplicationmeta.com
Overview
Analysis
IPs Addresses (8)
Downloads (12)
Network (18)

www.capitalapplicationmeta.com

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

capitalapplicationmeta.com

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.InstallCore.AVSoftwa.Installer (M), PUP.InstallCore.RE11 (M)

100.00%

The domain www.capitalapplicationmeta.com has been seen to resolve to the following 8 IP addresses.

ec2-52-38-209-219.us-west-2.compute.amazonaws.com

May 29, 2016

ec2-52-33-165-25.us-west-2.compute.amazonaws.com

May 29, 2016

ec2-52-25-41-73.us-west-2.compute.amazonaws.com

May 19, 2016

ec2-52-24-26-116.us-west-2.compute.amazonaws.com

May 19, 2016

ec2-54-148-57-212.us-west-2.compute.amazonaws.com

May 19, 2016

ec2-54-69-198-37.us-west-2.compute.amazonaws.com

May 19, 2016

ec2-54-69-11-66.us-west-2.compute.amazonaws.com

May 19, 2016

ec2-52-88-159-85.us-west-2.compute.amazonaws.com

May 19, 2016

File downloads found at URLs served by www.capitalapplicationmeta.com.

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=BFHFGpOeDAJmhTVamrF/F2tZ38EbHqk 83Vdp98i8EM=&c=/LvuU68U0 oJk9uR86m4/55TkVmkRPp5Qy39eZZI9adjDSwlq6grhOZGKDjVBBZQ05xJJTVmU9nvWlr0dD053UGbwz5Zr263Wm5odPf2Q9T4fmCFcfeiQLo8CY9tEWdK&downloadAs=wwwabegmusiccom_Empi.exe&fallback_url=http://.../get.php?file=8078f1e8&m3 (f387a47a303d0a68f267ee0555acf4e7)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=BFEeWLUF5vGs/rxGBytuuP0Yy4rRQvZ3fI2o2hUkMIY=&c=7jpxCPPZDiyl39/sFUEcL6MOFEd3Q6iHR PvquUmvHVa259EU/SOSe/o3UYR6nkyyy6Xw1aMbUu5PRca58WnMXOGyj/yNt0ygR0Ulo3GJwhtgRsqBcmWKjCw3KjkiMcv&downloadAs=wwwabegmusiccom_Empi.exe&fallback_url=http://.../get.php?file=8078f1e8&m3 (221edea2147bf4a52a112cb91aee936c)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=6dpBF1fMzvSPvhEMdrHW0SuvQcjds6K3VAqva0Em3Gg=&c=t64F2Do8eqRKrfgGDUqdipnrSDymKAzFQCmBszGd9G1ignWYOncA/EO5e2liNtrAvW9HPtsn1lUuIiLe/ xS1mGk8vCJbWTo2YuCh2ob8PuA4CDnZ7q/a2xiSMkzi/DJ&downloadAs=iSkySoft_Video_Edito.exe&fallback_url=http://.../get.php?file=d2629fcf&m3 (d14a7922419fabb5474c4e335240b3bf)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=c7f/0Mq3tehRp2cF2F/drdxy/DDsoffykcYL EpiESQ=&c=olgTcwhLPO3F05jOKVNHDEyJ0u15vHACbFM2vO7y/bK2g7RUd3FJK0VyfiYkel3rMUQbXDC8bLR3yQJfFaNDiSF8YPRHF/g70OL91o9izZDpiZ/LusS1mkM8DARkr9mh&downloadAs=ygopro-10337-v2-perc.exe&fallback_url=http://.../get.php?file=f1c9b52a&m3 (4d315e1d114c8062f14d72bc15c3d601)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=tBb5U7KkvLrycK3sljfMwV6NEbsHc5J9DnKNS9cF3aw=&c=dZtcVhqqZn1uplEttnhjIGtqhwqN450MITVguS86ieHjHqI1NTT7bK4SV/bLOz EQ3WY8tRAsPJy4EGImSK XPRFzia8 xAGw1FIgZio1k3dBH8octtfrl4DXiumHCoT&downloadAs=Adobe_Photoshop_71_K.exe&fallback_url=http://.../get.php?file=aa6a89ba&m3 (icreinstall_adobe_photoshop_71_k.exe)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=dEsUU8CrE7Ls84Pb4G3DzdBb2IJ7gMbHSWdZs/AhfEw=&c=e34zkQS6iJg4sIhi1pAaNoytNqywr PUCjJFyBZuAbVC40mw6mILnIoqTFy4aQEw9VSeQBcxWaWXb7j1N9pgnLlqK8XHEHdPSjwVOOG2w/wRkSuViy27ws7PSswfTDoV&downloadAs=tthampb.exe&fallback_url=http://.../get.php?file=25337d96&m3 (78f5e83c6747f8c82e28e468419912a3)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=jiz3dWmlNmHJkyybLsZKMVkdHO7foRQUFBhrsYsRswU=&c=Tkb9kVsdqyz7t5StVSebk/96W vPDqdtnMvgjedmohS/lXDgyaFAgFGbjFSdSWe7eUOCC/vBkuLvzTc1vf4sI7p5VcCX LmAIesa/cgHLaH1oLI5WR0ZC8LfmKUPk6eE&downloadAs=FLVPlayer4free.exe&fallback_url=http://.../flvplayer4free_setup_silent.exe (1d2d66f2ace60e2a8f0ca518d891a354)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=TFRjeRqGj29KaP2BnLATyo4dTja D73VffvHuc6H8FU=&c=SLYxM3b ErshQSfM5 9sKtvcmzLdRoPa7smGbEY9dxv/93CwHN4V34rtlYwPc6l6iesR4S5jS5AFV5XlXESi8goVKALtABEUvgJvpWHXHKeItsPd0iX6tx pwJGvrpVY&downloadAs=Alcatel_OT_4033E_Not.exe&fallback_url=http://.../get.php?file=2a1ffa1c&m3 (a71182f3b998005573553b24b31d043e)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=97xU6q8E9VCphOqF6l8LUCXy6CfbAmQeWrRR5Gb rzI=&c=tx4lhtYUYp/sxlZqhe fZs1odxvgtHsi0qxxfUOFhTbD4CwKEc5cZDRg1XYgIVz7uuuJOjHOw/ujdIUEiFL6fTEgfZyKGOtZx/mq5HnPS9zeXNQu3pKIwCKy6dzfcpVI&downloadAs=roomin_monster.exe&fallback_url=http://.../get.php?file=38422276&m3 (0449fc9de62668d5f2ca30138f6be059)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=2MJamRFGl6Ea5URWg28PNYtwK5Yf/zap XvVXmwuJFU=&c=ihLO3wb2Mkok/zs1yZFNrzEHiJ13pi5tbAy GY/LTJKHkgbT7JjXt6ll3ZY5wVuPWxhwQLul6muTl4wCfjvhj2xdRtgTElnWtPJ/k8lv/H/w9nZAHI4WZyUWGlqidnFC&downloadAs=DC_UNLOCKER_2.exe&fallback_url=http://.../get.php?file=d19e22b5&m3 (06a828b0b918d014ee8075fdcdfc02cf)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=VOJlnIl9IZW73UVtJ5XlF09qJMmEy0Fdxh MoXweV1I=&c=CY/d6snJYNmvJ8fyuIulrSfjOQbxczxSE3UpNS8hn8uV2PItK/nzUuQrG9ATDHSrwqhgjcQ3KOeyLpCPbg2ddkcfCaDj5Ye/SpEWz6mN9l6mMC3fyHXwX9y2GCsVTmky&downloadAs=Novicorp_WinToFlash_.exe&fallback_url=http://.../get.php?file=c1c939e9&m3 (d9251a6a2816c7eb8baba0d49a9cb66d)

1 / 68 (PUP)

http://www.capitalapplicationmeta.com/c?x=kqpKzGdBMLm8BHvUnylpyjaC/adRfr02hoDcIwW jTc=&c=/L/GQKLAF6pl8oE5bJrzpG0b2wUHffmnl7smROkASxSyoQ8DF5I19hxAF9Zepuyh12zm4kpjrYNpqmU6KDOdeXPqlecg29f72U8iY37tvsVlaJ74d7DuB3C8KdFctadV&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe (5fbdff791744baee49b326def23a0460)

The following 18 files have been seen to comunicate with www.capitalapplicationmeta.com in live environments.

TCP » 52.38.209.219:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80

browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80

browser.exe (Browser)

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.38.209.219:80

3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80

TCP » 52.38.209.219:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80

kmplayer 3.8.0.117 -[www.patoghu.com].exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80

KMPlayer_3.9.0.126.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80

3.9.0.125_20140702035547.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80

online-guardian-v2.0.9.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.