home

www.megapresentmeta.com

Communigal Communication Ltd

Domain Information

The domain www.megapresentmeta.com registered by Communigal Communication Ltd was initially registered in January of 2016 through GAL COMMUNICATION (COMMUNIGAL) LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
GAL COMMUNICATION (COMMUNIGAL) LTD.

Server location:
Oregon, United States (US)

Create date:
Tuesday, January 12, 2016

Expires date:
Thursday, January 12, 2017

Updated date:
Tuesday, January 12, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
megapresentmeta.com

Whois:
1 megapresentmeta.com record

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.Bundler (M), PUP.InstallCore.SoftWeb.Installer.Meta (M), PUP.InstallCore.FC.Installer (M)
95.45%

ESET NOD32
Win32/InstallCore.ACY.gen potentially unwanted application
9.09%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
4.55%

F-Secure
Application:W32/Generic.70053c248f!Online
4.55%

avast!
Win32:Dropper-gen [Drp]
4.55%

The domain www.megapresentmeta.com has been seen to resolve to the following 17 IP addresses.

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
June 26, 2016

54.149.195.20
ec2-54-149-195-20.us-west-2.compute.amazonaws.com
June 26, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
June 26, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 2, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 2, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 2, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 18, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 18, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 18, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
January 30, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
January 30, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
January 30, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
January 30, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
January 30, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
January 30, 2016

File downloads found at URLs served by www.megapresentmeta.com.

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=N vUTl5XvdUF78 8ye/IwfTPCQsnhb9wYYbGmW5Sr9M=&c=FDaK76i6CbAZT9L4jsa28Wqe4BoulLElLQTBPTkJBpvlTAt6fazi9lfhf05f1dIcGV7cbBg2v9nQvKxZTDArokmq9AKLCfUSql8f8rbihzXE336AYzKpnHonPEvIVTa0&fallback_url=http://download.windows7codecs.com/files/.../windows.7.codec.pack.v4.1.5.setup.exe&downloadAs=Windows-7-Codec-Pack-18648-dp.exe  (4ac9c20408186e225a15b4725f7f8dd9)

1 / 68      (PUP)
http://www.megapresentmeta.com/c?x= WEm5S 5N2MOIfFAC1qfmZC587eSGseUozJ/XeO3XhM=&c=lr6RtMGDUZlrZgi3iyQBE5M7OYZVW9KMi W OsEUhljTOPOK DmQnFekXFnq22vD0mPzN0wjEIA26bt0OykoHCCTBHcqEqXEMEPiiXOq06CERqpscN4eMomKGJbbWITd&fallback_url=http://www.padowan.dk/.../SetupGraph-4.4.2.exe&downloadAs=Graph-36045-dp.exe  (46f8c75c84daa502880fae61c0a8ad4d)

1 / 68      (PUP)
http://www.megapresentmeta.com/c?x=6eaj5xoxScyoE3Yp6erZmdcDajJKno TtKYnO95qkyQ=&c=OecmObrY7uIhqO3aLySAu4tcktTP2TXEj1tK9dglLPGDX6t0R9hsx 0NLF9AHk07xFj62ia0w1ncdoomxcJIdkwzU8/1VCHNEN3nmky79zDMtIMyiqgij10boW02hon5&fallback_url=http://www.emptyloop.com/.../Unlocker1.9.2.exe&downloadAs=Unlocker-12240-dp.exe  (b6f8fb440eafb6153a7bdf6364bd7ce6)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=7zR2BL BUkEWOaU5DqBQD1Vjl1WqobHjEkyJd39wP94=&c=vq8dW8Cy5lTqX/ANkriLGLr8FT V9gfYmPRLuJZL8UeyVt54eCF4iqWLNFpYwZfZu2spQaPTHWcd3F9hDTTmGAT5xYyTNafP/Me2 F9RRCj1VoMmdYO6Y Dd4pMZSOFK&fallback_url=http://storage.dobreprogramy.pl/.../OOo_2.4.2_Win32Intel_install_pl(dobreprogramy.pl).exe&downloadAs=OpenOffice.org-12495-dp.exe  (fa283cb771cb31b5d194e88d287d35a2)

1 / 68      (PUP)
http://www.megapresentmeta.com/c?x=Fmhcmt0LmHU1yLjisdp6UWtUh1Aaex9Nx35ZCM2o4vc=&c=cv62wioWwZnDbhpN8hvyQlmKVjqAGetCHfaq XptIPqGZ0 GiuIT3 mclJp tbc/RoLBXNI7uLGb0iZ6roqkprz6EnJZgzIF06V58/Rk6kG6JFDwn/qUNkJ5RtWpmbih&fallback_url=http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.5.0/.../AdbeRdr950_pl_PL.exe&downloadAs=Adobe-Reader-12627-dp.exe  (c.exe)

1 / 68      (PUP)
http://www.megapresentmeta.com/c?x=lbgpC5B8JaOqnMVM6kKKmfd6V/DFUO3ijyvt5lvfkOk=&c=pQoxYd12mqPMVRr/Dy/m9En8CLMDKp7hmDEilfGOVt/Kzp4xJ2Pf2hrb Q7bSZEaU9Gosq/olOiwqoyif b6jth7H9O1aNn0p 240Av5qoAhic8bj8Gf6JCDWNUwrTyv&fallback_url=http://www.rarlab.com/.../wrar530.exe&downloadAs=WinRAR-12398-dp.exe  (c.exe)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=6WL7K6H3Oeb Bm5Ku JGSr99nvZi10hOU5pMmXQg0WE=&c=teHtyv/d5EGYK8jL1i907I3rCPu1MBqyT TeT62 /Ujx0oSSm0wf6h1UI6CNWS5fWWYY/7UGmJd8J8FY/mprG aZD9w4TUuVEI85Zn42EvIDq2FVNtgFM7e/gwuMKlOH&fallback_url=http://storage.dobreprogramy.pl/.../FFSetup3.8.0.0.exe&downloadAs=FormatFactory-13295-dp.exe  (d99bcf5228ad0441186e8c9e3433d8eb)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=QxOGnEvkd1ZNkehabC4aQJS6/U6CujeaqNpvE2SQm0s=&c=B4az1Jbph4zPKB8K/SU6dQU4V9Fp4kbC8KeU3o3XpGgiCsNeKg2OXoi620wZA AL46SVFb6QSpG46wE7zMiDEjUPjFUQsLD9/6k6kD8daqCNoN8f9OrUL1msa7UyyaPy&fallback_url=http://storage.dobreprogramy.pl/.../dziellacz.zip&downloadAs=Dzielenie-i-laczenie-plikow-59555-dp.exe  (1de72312e51839fbb4c716a4eb6fb106)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=Pp9U1SnODrszSUFedIDn4ZAkwkM5rnR77Z 6 6T0zRM=&c=ElcgaFOjE3SJ/FwRMphXg Ie/wHA eO59aF8Qg7V8y5Jla17J5rn2ELTo7tqli863EIj1j10vkr/36ozmlDFABP4K4bB1I1syFPks8MBJ6i465lh0EEFG1Q9nt5DYvrO&fallback_url=http://www.rarlab.com/.../wrar530.exe&downloadAs=WinRAR-12398-dp.exe  (a0893b9d47acc706740c5a262eba1ad6)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=w2V7KeAXvuMDJYxASSq vsqkzHrAaXDYSiCINWJlTWg=&c=HnBhBMG32gL1Hj12JxlpH 9xOJKgFjhmUEDj5iMbxR/A/vXnTBz6Ysqfvfx50lelo4WIvC4s6q4LMdpS3 /65oyQ/NfvLSTZtGx1oVtZltJTFyN4DgdTvtJNx0qRoEcd&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/43.0.4/win64/.../Firefox Setup 43.0.4.exe&downloadAs=Firefox-13108-dp.exe  (db466147f1960b35476ee80abc9446ae)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=sHLPkYHBInDuShioNUwz/HrAcbm klXWSyUohRCkDPo=&c=QxZUKwSQioLsG948PEiD1VR5lQ3NBk9Rfj8ejb5yg2sbuuwpCzBNKJg7wLP6Pg1rG4FQCceV3bCmIN1JSr3fjTGLzaon6k4lLY3bYqqADvrtR6mYajt0JS KULAkQzhw&fallback_url=http://get.geo.opera.com/pub/opera/desktop/34.0.2036.47/.../Opera_34.0.2036.47_Setup.exe&downloadAs=Opera-12614-dp.exe  (e117d4dc75d93513856ce014d69510c5)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=gkWUxS58agFrdy1bmGkApuoup83h7ldM NdDzBNMI/4=&c=zX99rygwgxiXjJcT3bl f9KcWX1ustUFClxqEVkUvtAYnzn7dFJzBfPiOKOacthO4tsu67/iveHPiW275L1TnPFo5qpSttzyghTKLLp5CaKK29Xj63Cb1l1WTHMN/Z6r&fallback_url=http://www.studio-v5.com/.../lm30.exe&downloadAs=Logo-Maker-12346-dp.exe  (icreinstall_logo-maker-12346-dp.exe)

2 / 68      (PUP)
http://www.megapresentmeta.com/c?x=1hN9xmgdp2xVpmrHZw Pl0nvP ayPjGNTu941O0AhSg=&c=unHSo1uidcedHs77hkokXzxxaymjOOcnIGoKTXPe OrLYpHE0N7sR/4odWKS7amTAqo5nlVEfMurW2qBZov q5W6835ckSd2baJjQIDUYDmV3fjkc7QraVrnM4oBQNP/&fallback_url=http://storage.dobreprogramy.pl/.../uTorrent.exe&downloadAs=uTorrent-13270-dp.exe  (08875fe41d07431dba6029a55db7c12c)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=gHh0G9jQghieG3MlmwajZQFwNGHSKYE3g33C7pNq4OU=&c=SDyY CuSWT/JTUnwr26yvuKgyo539TuHOX9gHHRObwDeNqUF2M6lffuPnk01E1PvW6dZF0VAU9zkfOuH4fLFSGRBNXKSymTnlAns45Vt3Qa5TzGhDq9KvZszN09fa1y/&fallback_url=https://.../hamachi.msi&downloadAs=LogMeIn-Hamachi-12323-dp.exe  (37ce4aacd292403b6ba7ca7ec0a6bcf4)

3 / 68      (PUP)
http://www.megapresentmeta.com/c?x=tCRIteYLqPzo73cHcMBoEDEX9EA3btHPC21SRt39x8g=&c=ZwFjfos2ZOgwmfJ3jt1ArUXXv4CSgxgT5G7iM fQjadxSzu622N3YFbHl7FdTk2pElKu3MkpxmgeUDbB/eac53i3EZa2KMctepRQPv7Af5vwDq/ryvUWFn3Ssexhe7vW&fallback_url=https://.../hamachi.msi&downloadAs=LogMeIn-Hamachi-12323-dp.exe  (8718e854cb5b988b14f397644c82c5e8)

1 / 68      (PUP)
http://www.megapresentmeta.com/c?x=tExp1x nfgtyEBXLL7UorHL7K7BESIF7MTGnwXGsmvk=&c=H4sS1apffHu09k/6/1TKJWWJNNry5StBq6qWUiOGW2y7bHg/avOvEMQFWKxFrZjo1QRl8aQHUPsZebOt4qMRkcF529haFe5beRWtFM0MTmHJB rMQ3QRJYzPngtQidyC&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/43.0.4/win32/.../Firefox Setup 43.0.4.exe&downloadAs=Firefox-13108-dp.exe  (b3a6f1e1ec404e971eb1292e7c972ee7)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=/IW0WBIsInziTcNWjaGfnYP11PkJlr AUBEgTr8e1cI=&c=LX27NG7/JvZrV54gP12vo055OL7swlGRx2zbgaH3mmWTsQkDi0Nj59pKkU5bmdjL3ItISpIrXpLA2bt6wFQsZrn9d5dh1EeOg1MGNFqvnEmpsCb9Ybj/1KEzp9Y7oLRL&fallback_url=http://.../install_virtualdj_pc_v8.1.2770.msi&downloadAs=Virtual-DJ-Home-Free-12894-dp.exe  (6a52e2834b273ff1bf28f900db131a02)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=0ZihuqlBwyjPRKraBtK3banrRAha1NHWskexh5hw0TE=&c=QcC/8rrNa7nl9vRDKAAPpeZ8B89gM7n/AF/iv/Lgil73v0sN076TpkDFwJaD6y/bmMiNzPTK5OWxZFdqMC1pemr0zsD/CxC O6N1oc2g2myuIbOIw ie i0qSBt8AjLj&fallback_url=http://get.geo.opera.com/pub/opera/desktop/34.0.2036.47/.../Opera_34.0.2036.47_Setup.exe&downloadAs=Opera-12614-dp.exe  (e117d4dc75d93513856ce014d69510c5)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x= ajlMv4m2gYb8CKta9 doZglkdiGJEmmqkTHGbgH I=&c=cU1Pm46JO5y xcUKniLI6H0IRfbM7NdD u828jDYbVtIJlgrzH5Q8toMptSc2gIuBavNY0 gKHqM29jiHk5aX8UWkJo 6M8DQ9vNwjz iQOMbNMr h1ykcqQu/WyHjgi&fallback_url=http://storage.dobreprogramy.pl/.../DJ_ProMixer_V1.500-Setup(dobreprogramy.pl).exe&downloadAs=DJ-ProMixer-Free-Home-Edition-33472-dp.exe  (12550f6a570babfc489590030aeb3448)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=ubdVY7j6sf/UUEU4KIfogipdGiDCLbpUHfz8kUxrnsc=&c=5dD8ZvSnf3dgsLaofeSTCkSfbdwN6Gb7w0gKpR OGFYODIeYveiSre28qHTGLSQDnKLJvY5YObe bhibLJqyMnghOZFgeAm4 mY9ChQ25KnVeI6KD8OgQdPhrA5NKm6T&fallback_url=http://storage.dobreprogramy.pl/.../Install_Cross_DJ_Free_3.2.2.exe&downloadAs=CrossDJ-Free-31978-dp.exe  (9ccea4828d559af8ad332e29437cb25e)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=ukQUEMwnYY9KA QH 2pw9wb10cqahjGDAebzxm4vVU=&c=lfFeLY4kGdq3QEKE6rV5tRz9EMrjGM/cglb6djCecb1FVMwc2zLFjgouMJ9Rm2f5eDZ061J8forchW5kjXjuzh/ADQoDOY6Dd8ntqUnjdtIV ShFeLy/ClIcY/UxeRwP&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/43.0.4/win64/.../Firefox Setup 43.0.4.exe&downloadAs=Firefox-13108-dp.exe  (db466147f1960b35476ee80abc9446ae)

2 / 68      (false positives)
http://www.megapresentmeta.com/c?x=m91ORpBLgAa6thspEwal U1Uc1ZnfTuo6sauMpsB qE=&c=sQHMhlJ38r09ZvlUroB2Rqx PYczlogtTPELCqBZWU//DnmRPPM/6l3tYhqvbPRz /rGUYhCZGt5fRoZ0x5gcm9Qkbx6dn/qEvJhEmu7TexxT7TwaLBMyQnYIJ uypDR&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/43.0.4/win64/.../Firefox Setup 43.0.4.exe&downloadAs=Firefox-13108-dp.exe  (wrar420.exe)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=3WVtwc2nhVP/sG7SJCTpWgcy3yg5AV8metQgAIVf8uA=&c=eh10L1M4Hwgp9aFx39z hO96AjubFBXT9pv5ZOTrv2xGNe22FyjecTdOrL5t/JZy1daapRJAVXmXutLtmemE7h9YczUEW vnORPcFcNpZS r3LWsxT4Ry/uiqXYNSolM&fallback_url=http://www.avantbrowser.com/.../absetup.exe&downloadAs=Avant-Browser-13168-dp.exe  (fd6a23ce45c1f47ccf2b0d0c269389d7)

1 / 68      (Adware)
http://www.megapresentmeta.com/c?x=ZZeXIjea/K3/gKhOtrPR0pTWYkZ6Xh1ezmPzrsPGQx4=&c=zB/0QgiWvAQhDuIPzTliWuVj/ZQgZ/WeisYXbTKYeMynX3ked9Q8ds6CNtiuJzifZRzCLcYH0HoR8/1KUlrgxaONvCReDdLjk9SupLONZMRIHRlYfv /H/Khr1wkJVBf&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/43.0.4/win32/.../Firefox Setup 43.0.4.exe&downloadAs=Firefox-13108-dp.exe  (28955f16b591f40fc5923be60187402d)

The following 23 files have been seen to comunicate with www.megapresentmeta.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80
Client.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
browserair.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

 
Latest 20 of 59 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.