Download
Community
knowledgeBase
» www.farmnowapplications.com
Overview
Analysis
IPs Addresses (17)
Downloads (11)
Network (18)
www.farmnowapplications.com
Domain Information
Server location:
Oregon, United States (US)
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US
Root domain:
farmnowapplications.com
Analysis
Scanner detections:
Detections (90% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.installCore.dobreprogramyspzoo.Installer (M), PUP.installCore.dobrepro.Installer (M)
90.00%
Microsoft Security Essentials
Worm:Win32/NeksMiner.A
10.00%
F-Secure
Application:W32/Generic.70053c248f!Online
10.00%
IPs Addresses
The domain www.farmnowapplications.com has been seen to resolve to the following 17 IP addresses.
52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 3, 2016
54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
July 3, 2016
54.149.195.20
ec2-54-149-195-20.us-west-2.compute.amazonaws.com
July 3, 2016
52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 6, 2016
52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 6, 2016
52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 6, 2016
52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 15, 2016
52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 15, 2016
54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 18, 2016
52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 17, 2016
54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 17, 2016
54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
March 3, 2016
54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
March 3, 2016
52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
March 3, 2016
52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
March 3, 2016
52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
March 3, 2016
52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
March 3, 2016
Downloads
File downloads found at URLs served by www.farmnowapplications.com.
2 / 68
(false positives)
http://www.farmnowapplications.com/c?x=FGt8TkXXOdnsiCcTEDi0tbpzJ2 5kgoZ4GZovaimyDk=&c=5Os4cNowypwr5XFgF/jC9BCMCopi8ge U21UOXdBsEz7l51ZU57HwS/XG7ctAsb30Ar6Gp8b1M5J834UCEr7DlOnJI7x1asL8CfOpIIWBOZhJOuLDCl0OQ8aukl5U0doYhNDaWu7fyX0GmaPeaj4bA==&fallback_url=http://download.microsoft.com/download/f/0/9/.../office2007sp1-kb936982-fullfile-pl-pl.exe&downloadAs=Microsoft-Office-2007-PL-Service-Pack-1-12126-dp.exe
(wrar420.exe)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=lddq4/8fj5GfPIBHoolgrY1t 2pJ/kEsZ7IhTcE7VbM=&c=yPcrOTFAQwdu4uymMLn/8OecVHYgugUhddVbESsQvSMtFN5iRVRTfQnMzfxpisgaoI8h9 3w/HhGYQvAhsAIzyXJ7WdHsJY2LNWEq0lrtydyhDcXv/hrYa7vrL4zQgZvdr0fg7b40AYVO4QN6KsReA==&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/42.0/win32/.../Firefox Setup 42.0.exe&downloadAs=Firefox-13108-dp.exe
(e1d22ddb9d5f070946ad64ff1c71c56a)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=OQ6PkqB5/THh8eqP9yVtoLi8a8qpq9LjBKkdtP6a/A8=&c=hU7Wh73swnl0U/XDyjX1VOwsuwaCmQUY/CxzrDIrJCzMxlZGEYhfSPlE c9LL5IRN77tgO6ChIJPz8wAjBdjpBDLtfzQwADHXJ74m4d/ /Ztw5RN0cVO7vomxtd7ODzFqKRQphvMxowlG7ts4cWYHw==&fallback_url=http://storage.dobreprogramy.pl/.../Apache_OpenOffice_4.1.2_Win_x86_install_pl.exe&downloadAs=Apache-OpenOffice-12754-dp.exe
(525763d4d70982fb66feb3225c34f0f9)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=SieG8eJH1o6rHJl95ZdAHN0qkXsP5dRWIlhRxQJnQlg=&c=JrX9vanqOkGU2XmN/wPAeEYRkYBJh60m6oeVFzMh2Cfd5pyRDabOk U0JSjNFLhDlTBk4id96FKW8e/SG IQ4JF q0Taa5f262P2WmZrGpwTLMvNgjU9rfQuwoeia77/TvZYHqq304Ot9tsXnPPpxA==&fallback_url=http://storage.dobreprogramy.pl/.../is151setup.exe&downloadAs=Image-Signature-11795-dp.exe
(bf165acdd51bc4efcecee39e7b450607)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=aCLYbIRplUa6zZWfnqx1Fd5ng/cc3iXthSCL0jsUWC8=&c=JyUhGE0fN9OJ8qptIJBThN8RMVukYO05CZCz7mCbhxD95WOpQOZ1ktTYs NUiaTvH6 7 bgRv7gah9SO1ZiZJ7894xqa7HO5TRJD4JeSvi9FFykuCV6uFiIeH1Vfe55TV69Hu83YCBTpE9hl0lVr9g==&fallback_url=http://storage.dobreprogramy.pl/.../uTorrent.exe&downloadAs=uTorrent-13270-dp.exe
(9129f917ac70fbcc663f1675b75d5663)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=FhubcETzqsU0nbceAV6X4uva3XMwYmSyHaCq7lBTva0=&c=UwNnnDSpoDyxDqJPS7GPVD2baKHH32ojXADWqHIJbDCEKYCT2g9ogmode9p83nSj0RQb5d U3lu4 Y2hzZtQgvhNDTdsXW8UL3Gri9obZByl9shFcNWRV1w8W8mcusKcvHY5Qr4TWz37rA1xtPjfjA==&fallback_url=http://download.skype.com/.../SkypeSetupFull.exe&downloadAs=Skype-13018-dp.exe
(7d64f67ba2d6eb672ad53ac4376a7560)
2 / 68
(false positives)
http://www.farmnowapplications.com/c?x=2u3Jj4klLre/JDXWxIWBoId2PImyqqqEqTz77 MGFEw=&c=ijIy8zc9pJ0KNdxTP4UNVyRkWSQxiQkLecZZjPaDKV sPu1ahuy3VGNWbgRIYm8qvqV0W4USxain/OZs9NPLCCBLOCr/FGFpfiLZeBwamaDlPJeqU5znHqmhqzuouda3HhFAtZedEyo5UCdZlQgnMQ==&fallback_url=http://ftp.adobe.com/pub/adobe/reader/win/11.x/11.0.00/.../AdbeRdr11000_pl_PL.exe&downloadAs=Adobe-Reader-XI-21590-dp.exe
(wrar420.exe)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=9jVc0l D2JUZMsszlJ8d6XRaZdKK4VDXd/BdF4kVnAs=&c=wEZQ9NKs9k7j9f2R6ksT3ND3vvpFoekoDdLsFUNwsOiI89widxVeviPVN62QWGgMD8c4XBAIzFjiPyQslf5aaRkRctKcQ81yxCxDrGKEhTQVVBKwucxFwHWLSheRP9SM45m7BzmSZ6ZWAH3FqhLb4Q==&fallback_url=https://mirillis.com/.../action_1_29_0_setup.exe&downloadAs=Action-33680-dp.exe
(22d45c85ae38d0cc701057df4d46e213)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=WQoBpgSRTU1GOYNRFzptHtPZZ5j40HuiPYSKd4xpoKg=&c=i/gYkY/p6rBWFXDmCUei1W7AEvFnnpy9aRE1D5cewc8HLrv2921jCtXObya1oRHBts3mkGc2ugJeFMXRIvWvlSOPXwVbIglHIIRWBJGdy1ilhpYcWDynhX5gWv1DGNeFPNHpqK6Lxj5o3RjPr9Lm5g==&fallback_url=http://download.windows7codecs.com/files/.../windows.7.codec.pack.v4.1.5.setup.exe&downloadAs=Windows-7-Codec-Pack-18648-dp.exe
(957b76d6e35830e467b04e04bb29fccd)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=SJ2/9ZB5rlMosN5W85QyrdyE97AmDYoA45ee7EhC2r0=&c=q5WuxZealkbE813d8WSA0FWiWyW47FBxatYZB1l9ax2 0InX5jqg1aihqqFycujUZ9yEcEeKEFuU4GsQl/LPs6YNzrbofT2SL2btzntZPDXiQk/z/JAxBk34rLXtUEy6ltQqxq5D95GSzU4BIbceYA==&fallback_url=http://ftp.adobe.com/pub/adobe/reader/win/11.x/11.0.00/.../AdbeRdr11000_pl_PL.exe&downloadAs=Adobe-Reader-XI-21590-dp.exe
(6f0c5f5609eaa7677566b7e4acba6d3b)
1 / 68 (Adware)
http://www.farmnowapplications.com/c?x=GZfR4LTup2XoVE/0pp/KLBwXGzHsUQc1tVetxBfd5tI=&c=bymQbJa l86okDABxsTklfgaRFJ OOF5PYRdKj9a5SshURad0 ylJBvEO0BdD0wXxSx6J ucfZUHUcbQjUD9cINoZQx SMS11rU3zK2zKBQVNXvS9QIwvoC8ZjnVe bBHMkwLT7BSTHvDAwwqbXLfA==&fallback_url=http://cdn04.foxitsoftware.com/pub/foxit/editor/desktop/win/3.x/3.0/.../FoxitAdvancedPDFEditor305_enu_Setup.exe&downloadAs=Foxit-Advanced-PDF-Editor-20595-dp.exe
(0d0d6c33c2fb94050d90f5909a20b052)
Network Communications
The following 18 files have been seen to comunicate with www.farmnowapplications.com in live environments.
TCP »
52.38.209.219
:80
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.38.209.219
:80
UCBrowser.exe (UC Browser by UCWeb)
TCP »
52.38.209.219
:80
browserairexec.exe (BrowserAir by Goobzo)
TCP »
52.24.26.116
:443
online-guardian-v2.0.9.exe
TCP »
52.24.26.116
:443
online-guardian-v2.0.9.exe
TCP »
52.38.209.219
:80
browser.exe (Browser)
TCP »
52.24.26.116
:443
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.24.26.116
:443
036629fbd4864725737a8ba8fe7e8cd6.exe
TCP »
52.38.209.219
:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
e5be.tmp
TCP »
52.24.26.116
:443
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.24.26.116
:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))
TCP »
52.38.209.219
:80
client.exe
TCP »
52.38.209.219
:80
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.38.209.219
:80
kmplayer 3.8.0.117 -[www.patoghu.com].exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
KMPlayer_3.9.0.126.exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
3.9.0.125_20140702035547.exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.38.209.219
:80
online-guardian-v2.0.9.exe
X