home

www.metasharefarm.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
metasharefarm.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.AGORASA.Installer (M), PUP.InstallCore (M)
100.00%

The domain www.metasharefarm.com has been seen to resolve to the following 18 IP addresses.

52.34.184.36
ec2-52-34-184-36.us-west-2.compute.amazonaws.com
September 2, 2016

52.36.112.186
ec2-52-36-112-186.us-west-2.compute.amazonaws.com
August 30, 2016

52.10.159.134
ec2-52-10-159-134.us-west-2.compute.amazonaws.com
August 9, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
July 23, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
July 13, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 6, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 6, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
July 6, 2016

54.186.99.90
ec2-54-186-99-90.us-west-2.compute.amazonaws.com
July 6, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 6, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 6, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 6, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 28, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 28, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 28, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 28, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 28, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 28, 2016

File downloads found at URLs served by www.metasharefarm.com.

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=APzyjEvITjTtiXZDijw0A7sqr1ZwUnYGOpjQR2hTvKM=&c=rr4lMO9Ds6SMucl1mwH8DAsTx0zcORaHw4a6hv7Z218ddXDSs2T5a1B53zBRTDG047JtUBlTOgsIhpaj699aBpZduVkGciHD5OIAVNEmdpGnsEGnC9WuYtitlLdM9ZdfX5hNuFwVm UP3TDEczergg==&e=0&fallback_url=http://cdnexpress2.pinnaclesys.com/CDN/.../PinnacleStudio16_1_0_Trial_Setup.exe  (installer_pinnacle_studio_sciagnij.exe)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=UXaKDI3k2DeANstICGtyp1XzCHhsb/9kXPqmvlnQ4bM=&c=3JaE5ACSJ/t8woHTZQk4TyGOswXU/ig8BzC94FgMkx1UVk6SW4CAzhje4UU4MTYQQ3X9HhnnM3VWLiRXZyy0BFn9vHflPHMjb5IUptFA0Zr3SPmGNoKIFPArLbrhPF3Dx2ZPZQouKa0FTYy6XnGoTA==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../farmmania.zip&downloadAs=installer_Farm_Mania_sciagnij.exe  (f7acc231eb7a5aca7657a0ab7f3d166d)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=BxhWNIPQjdmWD2GGtwnc DLixRvLmb2MnY9Kdj3Js8A=&c=2ymv5XtnGAMtDVOz XNaQnpA6cl9QloL1187T4XzmR1522RH4AVDhBHVQ8i9zYAdaN03Bf8xb0ru0tRKSv1C/OgYPBg Fxc8AKxIj8qtVheVeGwarvIvGE4wL4eHf1JuxDvaYGmjJ4h7mp2cBVUMkQ==&e=0&fallback_url=http://bi.sciagnij.pl/.../0/FuturePinballSetup_v1.9.20081225.zip&downloadAs=installer_Future_Pinball_sciagnij.exe  (1257968246e5ccd219f662f4e85a67dd)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=2z5ErMTTX8m1GFDdXmcjatkEOil48ylJGA9CMutjUxE=&c=mbRHtT7h9t7nB9RfKgg4vqt2WXmdaOynvN6sZBhPiJn1AYQc0zmtYLwpwCkTHLJco53YTTfu0QotgupacydkPi8KwE3TZqM6K1LXqnjU/gQqLrv4obWd7wuWoXFHU4rLEZYDujFQZcBG2ggCUwOzog==&e=0&fallback_url=http://bi.sciagnij.pl/.../0/FuturePinballSetup_v1.9.20081225.zip&downloadAs=installer_Future_Pinball_sciagnij.exe  (1257968246e5ccd219f662f4e85a67dd)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=zrnAOzhAejYnnaEOn6rZz5qyJhW72sBN8TuGCgCiX3k=&c=ntzTgIJlI3/rkNxmPszY8lbCGtDyCIf/9K5aDKsz0wWvmIrr8Fj7HaZ2jYt9DD9MUDKfviZfm9S3gCPLnH/CaYoySlR3H1pIFSeL06fyUJGz0kTu4z9n41DDDKw7GOl81GPhehUKeOECfdl111pHGQ==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../zyczu-mc.zip&downloadAs=installer_Minecraft_Launcher_by_Zyczu_sciagnij.exe  (6539849cd4073d4412c02dad4d261855)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=OukHDl60Xc/Xr8xqEDayAKDdt8cZA15oU0keYkAfBh4=&c=Clis2 Mgl7C6gxl5nrR9n0ICDo9ArjbI/1VbhoGNYHeZnTyCF7OuksCTvUYu kuUnXQaEvpFnYNR/jzRivxjStprg7YB39PdaHlWIumn6yY2uBhiuXCfJlJSTqhdUKNdKQ2yqD9p5zUi vQJnDOTlQ==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe  (04c10b3d52ba8fe3b4f402c5e18265c2)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=/pPDHl8QvM18jpmwt sppv8kB9YXNJgpQ7EWZRlbfo=&c=gPhrzu7QdhJfxbH9KutCYnA2ea776vQnXNt9f6WP/q08rkNB3HwOq4mND8/vte584FJ44MbPe eaBOuktJsdOrMQ0 2odHAztXRTazWnHnnLWrG2ukT7zoYWo5ELYLWJJtx1UDk3K1vhVQRguONveQ==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../NFSUC_DJ2_ESRB_vF_FCP.zip&downloadAs=installer_Need_for_Speed_Undercover_sciagnij.exe  (9d18ba743c97a78da4740c4d5f97c51d)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=BiGujf06a4rjMBE2RHTqIsjdaHAKWj//XC2LDjrZT6U=&c=BlDnms9uGzRY27lJOB MqpgcXVmkik6Fo7NTOr37ghvBgCkYxSIfUb9Ej39kLkTxZPoQ3VagXo4xgV3vQo1ZX6el4//gq0iyVvW7Fq3ubMHVjLO0M6/mHwNVRJyshWqFbxXMKBk6tPuMopAnj8zKvQ==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../zyczu-mc.zip&downloadAs=installer_Minecraft_Launcher_by_Zyczu_sciagnij.exe  (6539849cd4073d4412c02dad4d261855)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=5OZX3SLTWy/PGt9VKo1VKuulx86IU7mw5DyYM1jvc9w=&c= XlIUVOOpzrRu35RDn9cNa6yZKjV02RR6qSpepawul1uWzQWbyhqcX844hw 8JRlmjU84BAtTPQOKeV9ap9akYZybJg3Ohs4rRuThiRgn7BmgAZbONBbJCUUzFWPcaewohRtf6rbz3ys46s3ngb7Qw==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe  (04c10b3d52ba8fe3b4f402c5e18265c2)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=l7RAUWSfFB3y/8BiQf/Y5ne2ZydBlFl2R CQt8FXtBo=&c=SLhqUXrMoXxDTRG3TaDm2nJKbxYqs9 uopNYFAd/hUAVE1cPpY6pKrEgcIQd1zFN3JSJrpAl5l3xPRzkqSgA15Y8BJ2qMdNGVmk6PSw9qm66rA13mH0p0PSDn93eX6YA5rJC20Qz9HrHl7x oE3GYw==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Word_sciagnij.exe  (6768c83cfed1b2c06812c0c65ff47927)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=gY7Q4MfGZek95YH6PBKSisoSYHV3V7 36q/wzYxZNu0=&c=py0iWPMMafDWkUAaV6RA04DOAzbx uee6H/gY9YBPusj1PH65X0L5UiDgIJTtomC0atc1dahkj0PakHGnM7p59atpT3aO vEyxjAuh5B9qEXnY5zR7KrlYGrCwL20g9X/d8i3VH1mzQ9ZHXrcgJ5Q==&e=0&fallback_url=http://store.steampowered.com/app/.../?l=polish&downloadAs=installer_60_Seconds!_sciagnij.exe  (icreinstall_installer_60_seconds!_sciagnij.exe)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=11ae5AILBwth7H1Y1xmxTk/skPZQJRDEBJ aqkCMLk4=&c=QNrdYiKQtzrUv73ici8ES4tW5hK87lSNTIP83KJxrbvgdb6JoX/IJuMRmRrE69RRTYPYDfnMT2TTwDJGnCKPN2fuH2 dW0IsOZQXIZg/NTyG8Xol sMLlMUHLegSM2mLIalriZNsdU5SCRbnhZDdRQ==&e=0&fallback_url=http://store.steampowered.com/app/.../&downloadAs=installer_BLOCKADE_3D_sciagnij.exe  (434cc9d30a6bdf43bd4386bd4a1e02e8)

1 / 68      (PUP)
http://www.metasharefarm.com/c?x=QQ9dfcJvffC8ZYDi/W/R//YcaueG /ZmONqRDwtV4 U=&c=7uqQsPr77mvpvyo9oKCkO48AA4UOy59IMsIv5phzZK2nc96dCj4G6MF1jyS/xiwU2418zT 0PS65mRftM3mFyCJpr/ItfXGAL/sMxZ /b2ta/xsRP13JPCJ7H4Xg7C83Tpov3nAAI3jb9DmXKIZQMg==&e=0&fallback_url=https://www.origin.com/pl-pl/store/buy/nfs-world/pc-download/.../play-for-free?details&downloadAs=installer_Need_for_Speed_World_sciagnij.exe  (57bbde20810de23e9ddaadd6cef9ce46)

The following 50 files have been seen to comunicate with www.metasharefarm.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.34.184.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.34.184.36:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.34.184.36:80
browser.exe (Browser)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.34.184.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.34.184.36:80
BrowserSafer.exe (BrowserSafer by Installer Technology Co)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.34.184.36:80
Client.exe

 
Latest 20 of 100 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.