www.metabitsflash.com
Domain Information
Server location: Oregon, United States (US)
ASN: AS16509 AMAZON-02 - Amazon.com, Inc., US
Root domain: metabitsflash.com
Analysis
Scanner detections:
Detections (100% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.InstallCore.AVSoftwa.Installer (M), PUP.InstallCore.RE11 (M), PUP.InstallCore.EST (M) | 100.00%
ESET NOD32 | Win32/InstallCore.ACY.gen potentially unwanted application | 20.00%
avast! | Win32:Trojan-gen | 20.00%
Dr.Web | Trojan.InstallCore.1903 | 20.00%
IP Addresses
The domain www.metabitsflash.com has been seen to resolve to the following 6 IP addresses.
Downloads
File downloads found at URLs served by www.metabitsflash.com.
Network Communications
The following 6 files have been seen to communicate with www.metabitsflash.com in live environments.
TCP » 52.24.26.116:443 | online-guardian-v2.0.9.exe
TCP » 52.24.26.116:443 | online-guardian-v2.0.9.exe
TCP » 52.24.26.116:443 | rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP » 52.24.26.116:443 | 036629fbd4864725737a8ba8fe7e8cd6.exe
TCP » 52.24.26.116:443 | rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP » 52.24.26.116:443 | Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))