home

www.farmtourvault.com

Communigal Communication Ltd

Domain Information

The domain www.farmtourvault.com registered by Communigal Communication Ltd was initially registered in December of 2015 through GAL COMMUNICATION (COMMUNIGAL) LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
GAL COMMUNICATION (COMMUNIGAL) LTD.

Server location:
Oregon, United States (US)

Create date:
Thursday, December 31, 2015

Expires date:
Saturday, December 31, 2016

Updated date:
Thursday, December 31, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
farmtourvault.com

Whois:
1 farmtourvault.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.NewMedia.Installer.Installer (M), PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.FC.Installer (M), PUP.NewMedia.NMH.Bundler (M)
100.00%

The domain www.farmtourvault.com has been seen to resolve to the following 17 IP addresses.

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
August 27, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
August 27, 2016

52.36.112.186
ec2-52-36-112-186.us-west-2.compute.amazonaws.com
August 27, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
August 27, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
August 27, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
August 27, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 15, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 15, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 16, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 16, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
January 30, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
January 30, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
January 30, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
January 30, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
January 30, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
January 30, 2016

File downloads found at URLs served by www.farmtourvault.com.

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=BAhWEuf vw8QSiFDJz4xoYDiIZkAkK/9T/Lrl7PCY A=&c=ISITZ9voL6 9DAbxob2hfgPU9vFjxArUe5cr7ici20Lh7 SZhc0AoxEZaSgAEh0H/qTHhLNugRzrGKSeGft U7JdJTJHeUv35Ul7Cb7f5I9mELw4CpFSTybYDW3D/qBv&downloadAs=Screencast-O-Matic Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (57503672c2f7cf64a06205a58a08bc52)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=dqdcnpBWLNjlbHvnnvgPgst/ly/c1TrWyK2zxEuMaCU=&c=kiFQxGFQaOcrigDhZQHgINu1Rg DtCJYC1aaO7cvlzzn KGNyDFzEr60lnnEAiBqBGGfjMQXIfmWNjMNRtCS n97JZTz5GG IFvUJjajgXTyCwvplORB1JLKjpV8pxTB&downloadAs=Internet Explorer Setup.exe&fallback_url=http://cdn.downtoad.com/.../internetexplorer.exe  (a84528cab87fe758911cb508296f74e3)

1 / 68      (Adware)
http://www.farmtourvault.com/.../MOjbSzv2BFWmudDfGubGk PbxgdxGgwJS2HtmV995KfYuKjkWfPATh597SOqgWiPzmnXmCHA9Ftn3egfArc2IhgUmHM611 87 SocTMg&downloadAs=Google Chrome.exe  (a21a1c12e15456de92cd46ca4f308984)

1 / 68      (Adware)
http://www.farmtourvault.com/.../afr4UapeAQt0dzpw2pMPBk4n6NmtpTEMHdoZzrLB698stX9vp Tx1et8Tz6SXw1RoH882TEd4I3SSud6DMetGr5uEdlRAIiT1fG&downloadAs=Firefox Setup.exe  (icreinstall_c.exe)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=JPR MAutDWSgqWy2U4U NkFD9WcEnZDUizP8hSGsBV8=&c=1qaHlXtqiYcceSmTAthqPSxUlsb0/ErDFwTVuDOhjp3/E9XS0rDIV3SpzJendKgvHf81bhQ18G5WC6VUZII6xmkJxFUGZXEAOuaib9M 1YDydJWuhWRUCkW0nluJeRMT&downloadAs=ooVoo Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (bba21eac3b47ecfef39862e1bc810449)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=3lhvox9lhifExjC/di6iMKEA1kulJ80UXLLBQTCqqr4=&c=4yZPtROavxLoILQyzCVWpRPAr3o4hOWO2b47fir9L2mUE0Vs4JPuT kiQTzU0iQuDtyh/RML7hh7aURfYqh4JIsVHU5Q7l7MA/USN2yVQlfJ/J4HZFr2yJTZlnD6Ztv9&downloadAs=ooVoo Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (bf6e96e68dfc43f93017202fac13423f)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=1IwcvJj9DTHexQTOadM2jzP7XNhbZ9b0u663vz89nzM=&c=HQ4Ain6qrxmvbakbSipenFtBD5GeLLpwcDJ4PRPE8Oe14G7HhI3Zk2VaTf9qemL6kdW3EoQTsfSjBgmFgVx4TVXW98C59RH5MmDETQgwtAHmS0jW1DL57lNcD7DBQcDU&downloadAs=iTunes Installer.exe&fallback_url=http://cdn.darwendlmfilesnow.com  (25fdeac52607a52d6506cff2e26cf6e3)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=enqZi46BbGfh4QmRPxP rMM uU692TbpRk3SQfpvQpk=&c=w01XNPj7lbQ98aP5lMyZWLjLi1YLLlyfDVhQeIoODBRSR8UqCdbDV/d0Zs5lBQeZVGwpYDWPXwkUYEXNNuESyc0zuPHYrqOLoEOOZWHxnmjp5Pog2wWmk5jvG6rdFYlk&downloadAs=TeamViewer Installer.exe&fallback_url=http://cdn.darwendlmfilesnow.com  (c.exe)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=8IjeDoBk4pEg0sYWuEqKEuzR0UhzfsBPoKfg8SkF05k=&c=gWbtqgKy9Hq8vaQw9e0Csdo/wEonbZp9US1e35Jft4mGIthGOS3WGklbSl/.../3WUvcEsoQm0JDcLy9u0vErPR1VJ7&downloadAs=Google Chrome.exe  (c.exe)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=L4Y1UgOoozpirGMOXKi2mHorbrDQn7bEHOqko0d38bo=&c=xCQ2vonWKt 6BsWGzBCfqkoflcJNnM D4Pm62a4/XaC9xYIsOOrUX5Oi9x6FBBraxCnkH vR2rdymBJTM3vBaMuI2cwEinUwEJIlM5lf1SFjnWL1442KUaJ5CG2KuZ64&downloadAs=Ares Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (c.exe)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=UHPh mKkUseq/yKCUFw9uQmMgXxZA1UF4AMWhwWlKQo=&c=QwTZkhqhZ8WoHR2rbDUKv3TLwnknr7 CJK95lRvhRJfJYW/xm/4ZGQaheeeAOfS7fMkISbbUunoekhmky e NeyS0izVeymB4Via4eyillXVjboeh3fF7My1 1LKcCpn&downloadAs=TeamViewer Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (dd0681e38c8950542f2603a0fcab6de9)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=a 4GRxr5pW7Hi AbLdN1IhuHpnW pxG/yVL4L9RtA84=&c=KaydtRWdcGp/m86akynFK5LrmLSrdpA78x9OftcnjyInY5oihsnC2v1lAnfyg50/ VQQJhD50Mu9McU6GbbJLOFFd3 IX/.../lx1&downloadAs=Google Chrome.exe  (890aa5c4c79e0eca49b66fc35695df81)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=N8urDSwEEo/ajLKV2zeoXz0CYPNSnOFCBY9lHkhYDZQ=&c=l9aMYTfaq2XiPdfDQXg0M9khLSRsIsQq5ft0krZeuAJJZCPO8dcdnAPVLwr1/ea1RnzpEDoTn/yx vZETae5mf/wwEDUrRJM3QykHbWDCDOsAJc5T1ArTX7avAEX/fGR&downloadAs=Yahoo Messenger Setup.exe&fallback_url=http://www.downloadfree5.com/landers/.../download.php  (e20b044948275dce17edbbacba7d623c)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=GcMvwM/sSNY5p8P1iNOvkEfmzp/hW1ufH/C2HepdgOw=&c=6 KauHfcxAAKu6hWsKfeHVcDAaQjq6H9es bB0GAZE23a J3U5rvNEnd4UzVu1XmRAiOHkIiCsaAC426ZE8UFuwMUlL9KacSrcNQ99HVrcB5b8Ngt5nTzi03LJBo9Xxy&downloadAs=Yahoo Messenger Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (551b8b9c9ff2ae51837c70f166b060b0)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=Csxh /2sp2TLmwLfYD9DDTv5oUVJXkwslSRKN/OX3Ss=&c=iN1O7 6vFi0Wbs9W83p94phwDw4yXWZBJl7LRHcav0iUrq0AZMhBtt4g9EQy2AmyV3tlq zHvJk1DfnGU7ud2A//ev37YOW4/.../yS4Sm2fViBi4L66mCy&downloadAs=WinZip Setup.exe  (81b7592d47c996e9a53a5678e5d7ad0b)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=Jz0sZKnqpEdtu36T9bnEMm3L4aeg/Y1q9WDcJZasC78=&c=crXGSLQkgrEDGHEXwRZxJ65CHP5MiwstgEN4oAtZgEsGvob/zFY4YJeSx1X4speutdPh5nZqnfZcfrSOU JK75ln gOi6k7zh0UwYTIr3PqAYSEjSXr76aoXco5hlDc1&downloadAs=Google Chrome Installer.exe&fallback_url=http://cdn.darwendlmfilesnow.com  (55ee0b8b74ee93546b30e487c96c5d77)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=IyaUhLnVRZrylYFxMWKhf0dK7JVn/k8POWQqDs4VEN0=&c=Mm9v4OOCDLiKFkN0vlzL4mlVejrXRGuh7oInFOTB RabaFDQjSn1Xc0r RIYGbcA qq8D4TrKXjqi2sce35hAuFlaBZBbXi6cLPoo5gLcg M2pfYSjvyYwsHP3eP1zdo&downloadAs=Internet Explorer Setup.exe&fallback_url=http://cdn.downtoad.com/.../internetexplorer.exe  (6034d8b70607126468ce903a88cc9978)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=jHAZHsKenl2FEvBdO0DVx6FbO4N3e1HrH IX0eWrN3g=&c=jRMtGpFbeTEJGFZMef6BNvv/AfmoGO/.../muEYrhqhpMI HAXGVXbsn2beiWHDf11EASBFWmDXcpGCS6MA Pdobfzmc0sYjnJD8ZXlhAwOb BWPL&downloadAs=TeamViewer Setup.exe  (2ffa1e6f84fabd4f3fd981274a5f5745)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=tv9ZMrveujCL5/Szk9A0/GZT/b8fQmJ1i8eo44AVQqw=&c=HUu3nSTeHTSk8LJGCRljGN4tJrDkn6RSeoIO7hWakA6t/.../0Hq EdTYMYvNMDFAWV4aR iOA==&downloadAs=Audacity.exe  (641409d5a7555f23de5e5321d05d96ba)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=vM8KHr4joCTAyLWhNjMGD3g S8UvCqs2opBvVz1Als4=&c=k3HAP4 r1FITyAiPRgJ57v rwCUKzy5iPXp1c1 Z 2PhlK4RdXdMT4ukKVnTBBei0V6oyS4YPJjOW/LYQvRCnOjNeLdWd0PH7XCi3VTbtqDZUWhZbzzzSQVsA5ZBZ92Q&downloadAs=uTorrent Installer.exe&fallback_url=http://cdn.darwendlmfilesnow.com  (b675403d9567e90cc98c08cbf8c2f7a7)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=vLIEMsf2z0zt lhTUsyGWPxCrvndIpUmHld9KOg6XLw=&c=5HD4DRvvgO5shmaNk59ry2KEcYCetxCsPE5HnMvZfjPI6U0Vllk5TPICsGp6 BlCBF4L60WIG xNjziprOH2mDvmOUFI/laNRtEneq7QCVWLCX34OAtLUEDI1UhiQwXh&downloadAs=ManyCam Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (4d3313c751fa4748e6e2a884166e42a7)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=/8COe7zWyeiTztPvJDPZ5zn31hgQcYFeQsW7gECqGbk=&c=hqiV5IBae2y7/.../wLclQn4WEOd0JeqAOpdI968iJGomDCUkU3&downloadAs=Google Chrome.exe  (b850226ada1d3506c60d3f256be3fc7c)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=eHtVB2IlrlaabminNdUf0XMG8nPw59rwY9WCYzqR1EY=&c=I9cSeIkHXYB/q2hxbW7U78eCi9or0AplbBheRdeyxhZ8mvq547FvFEzdvYXIhCCVV5mQfd/.../qQ9UWQSHxdNjtfvW6raIJ5dV5rX7wzNiMoR3Gyvg 42K&downloadAs=WinRAR Setup.exe  (e7a53d69befb5d0665d27879b6a3f2f3)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=/7AiRyg/.../mC 46fCwuyFuZPyhOnO6cAadYCnm9CkptnUc9cKR12ZcYDBfI4KqQ8ur4taNa1rOUl2TTjcuuDBiwx SjONCm5g9LkZqpG7QQ==&downloadAs=WinRAR Setup.exe  (c.exe)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=pazBpxj8Lzu7dQNnGWV N/FPc2zbw7QcDRhqKX8Ph6M=&c=tYlI6paTRo9NpyjEUwO9lEeOHdNWoCMwjt94yd j5OMt4GTiBaqyso5oWGb9IwhwSbOaPhPGS niFKhjYQpn5CqQQpWooWqV3xrj//nEcuy2LxBe7fErGJwE6jgUBkOj&downloadAs=VLC Media Player Installer.exe&fallback_url=http://cdn.darwendlmfilesnow.com  (e11a48b2488411414ec68c88721b7a12)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=nWjOBynHYif2ZYAkojGfzRd1cltvyzNkfDrU3RAxf1k=&c=XOKmieRdnOSA4m/vuQ6qMx/VevV/JIMHQJhJjDOYdBlc4m/8m1VerkUtI82JSrdRqbRPauqhOK6vR4HvG4LFptzn4kXxWaWkL/aHEi6oXOuP5/AGWn04FLUjodNoQfC &downloadAs=Screencast-O-Matic Setup.exe&fallback_url=http://www.downloadfree5.com/landers/.../download.php  (19a5607642d4d64c2eeb735b446c1926)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=7En1junFcCAMzkcdGKy/nWGGN6PflvM2XXBnA3di7NU=&c=zDvPVKeWaFO7jUnwAJI9Ld2lPLZjHl0yp3YEM6kuaTUTfDuyjAk3owdRi6piQiS Al2OcxqU/NfGwV7gKqxiM0gsl8eAwDpXZYRvLZDUqGFz4b6id2irBS798tVRq2hw&downloadAs=Firefox Setup.exe&fallback_url=http://cdn.darwendlmfilesnow.com  (c194ed73fc1b8f2426a745b5dabf0588)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=xHRFOpx5rBvZ7jDbTdtSe91XRS1ZaniO5J2V6eej1eI=&c=f zvngJCCXRyTNxmwHjQn5ycCTeQpxSsyr3jf2CMvtjv2wq XJ5JhbhXzZM9H1ipripiBHIXBmNRv0WVtpKdlA rodgB2IxWLIv8bzUUKDAiJ7hXgXpSaGJUo4Ppi7ww&downloadAs=FrostWire Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (b88f0d19105f0f8c667ca1ebea6825f3)

1 / 68      (Adware)
http://www.farmtourvault.com/c?x=m/vG 8yiSgtceYzVZunPQz4xSSYsxgG9csyvd1sZew=&c=x8C2YJzpoI2kR9ouEwpkW013 hzlFLaaLzDmui4UUVVHgavemxRxuwv9m2N4sclgXOtRSX/fy3hLJhUx14byJ8PNvEGdU6h2EAE7vRJRonZ2dnI0EkeSVFz4U9Q0Qif6&downloadAs=Google Chrome Setup.exe&fallback_url=http://www.downloadfree3.com/landers/.../download.php  (728744be371b36dddbc3418245c44677)

1 / 68      (Adware)
http://www.farmtourvault.com/.../OUfSU89aCePNBsYXsTyT cY9gqvRV56arQw zZaD6ZYSBA89QNZLZIPl7b4KaHI zXaIwTNL6T8HuOOdpMls&downloadAs=Spotify Setup.exe  (b20e890d8b19a07d05cd17b64452b658)

 
Latest 30 of 188 download URLs

The following 36 files have been seen to comunicate with www.farmtourvault.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.