Download
Community
knowledgeBase
» www.tourvaultranch.com
Overview
Analysis
IPs Addresses (9)
Downloads (10)
Network (18)
www.tourvaultranch.com
Domain Information
Server location:
Oregon, United States (US)
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US
Root domain:
tourvaultranch.com
Analysis
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.InstallCore.AGORASA.Installer (M)
100.00%
IPs Addresses
The domain www.tourvaultranch.com has been seen to resolve to the following 9 IP addresses.
52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 4, 2016
52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 2, 2016
52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 2, 2016
54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 23, 2016
54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 23, 2016
54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 23, 2016
52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 23, 2016
52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 23, 2016
52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 23, 2016
Downloads
File downloads found at URLs served by www.tourvaultranch.com.
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=UroIlR8hYPSvfZyyk41IMwjv4jlwRrliyB S5vFCCTE=&c=pqx7MU VrosHd vWn7juiK5igfo1cP3t3OQLxd28iJc0qWDKvpX37izXQCKPwSk/V1m9sNp3MbpJnureiGkLFgYv3cTS1ZD8AUgGMpUd2wAFnyYJRqJcKTpEdsVvFONQ3TcKJDB6lo08LzVPCXEInQ==&e=0&fallback_url=http://apps.microsoft.com/windows/pl-pl/app/.../750181c4-d23c-44b8-8bd7-1472cb26ad34&downloadAs=installer_TVN_player_sciagnij.exe
(icreinstall_installer_tvn_player_sciagnij.exe)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=PkWk/LiSDjZYu8OfGpoPqqFWpgaH5lR67qHhp4fQqyY=&c=TTET9I0UcTiRsVr1Kxm/m/AfoiMv2jpDb0A9pcqQz0ytCiJVoPcBsZNQAFvK3uOKazHvagHYf7ZOAMDzGUdmIDw7m5WBiHby gT2AJ PTrlsxQNMMeoWVItxaozgWR32qmtzA9ZKEHzJR6miIxyKLA==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../dxwebsetup.exe&downloadAs=installer_DirectX_11_sciagnij.exe
(icreinstall_installer_directx_11_sciagnij.exe)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=UriDD5M/K1ToFEdk1bExtXJZUTUiFlgN1dzjYoA4MgQ=&c=gwLGWJpVBDyou tPJ1ZJF6QCpQ9f7 bszq0DJngTiJ3WQbU1IWAKgjh3dtZmRVOC0TqYKdVgMLoBmo9eBekyyISIvL55f5yC oI0rJi8ar8gC/MPnsfVS41CBbE0xvpmqBsA54u4KgkjSpUoTMqw2Q==&e=0&fallback_url=http://www.fileplanet.com/55176/.../Fallout-Tactics-Multiplayer-Demo&downloadAs=installer_Fallout_Tactics:_Brotherhood_of_Steel_sciagnij.exe
(installer_fallout_tactics-_brotherhood_of_steel_sciagnij.exe)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=U/riKArFkFI34SuMtU0tBx4ym7q0pdrlP4/wObniBZ8=&c=aW0Vgz0pZnem0p8BwrVOkgDIfDOHMTCYfC4blxX8bBHU1/2j3jwBh7ayq1n9GFHyYVxnrbNZE OQhIH4MbWpWIxiLG7e3JHPUGFVMbTSZkdIupWUs5Kx86m TgT2o300ypOuTFdnKk4vnpACDSxJpw==&e=0&fallback_url=http://www.xinputer.com/.../MotioninJoy_071001_signed.zip&downloadAs=installer_MotioninJoy_sciagnij.exe
(7131b33e2f3a8b19e4af71372e851187)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=BEG1lvh4OEkA6cF3CZCnktKjRyKnxqXlCYQNd4/agxc=&c=3PXLAa0IBDKKSApY7lIppsjoYw8JOu2E/FjlNSKHsAUDwHvhJYemsa/g6X0ftL gHZijcFUi8zmsv24fnbpfjo/P1xWC6YaXguUG10O5EhI7F/qdKL8P1fSzU9Eg0iQAg5p8uInFUaI2GEpnianWVw==&e=0&fallback_url=https://chrome.google.com/webstore/detail/.../ibnoofknnfgheiebgdjdpnplhaknpgji&downloadAs=installer_Mario_Forever_sciagnij.exe
(mario to gówno.exe)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=hqYXgfxST7h4svCBs6VPfc 3wqy6sQkWKO5A9HWcDDw=&c=idJvjdLi XHTQR4lNAigVSG/Vz/FO8ZfDUlnavrbeAfPQdLq74a68dptEAzBCzn31SBkvCciKoCljTA5RevFnclm7e6l3ZJQaXlNxUXQxT8ckzMi8Knq8q/TWnOCp k vvE0XXo6rxo7OYwU8oT90w==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../jpegtopdf_v1.0.zip&downloadAs=installer_JPG_to_PDF_Converter_sciagnij.exe
(1c68f41b9095bd060e575cdd29db1f59)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=NxaxOeK/cio31N0fch782kIOmXQ6NMF3EoUfPBR5TEg=&c=hcBXjBuZEFG4Zs7YecLIXc 6k2ApQK9CyPXaWLsBcnv18G0 m1APd/hzoKS1MGrTCrVBUzIxkgkJlsPg us UciHzPSNX0VDXxnw6 MVy5WcuOG5x5whODMkesebg2j7ClSLpnCeGgrpVIfgaRPaow==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../free-dbx-viewer.exe&downloadAs=installer_DBX_Viewer_Free_sciagnij.exe
(d215e899643dcf6246b1bdcae5382f72)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=cBvuki 0hejD vPDK9et4os3AGLB59T23KaJyZ0wVQc=&c=NIhNcoK2tyt7nMac1uEiBUi/Y4YdcvmmvvL WCZO0J7k0/MLs 7 lSQg9rGJ xKyALwsfdQ1cEJ5EOjiAfA9J50KvVcovmN/WgkiuuGraTzYmli2Z9mUYDzz5JhJm5JS9SkGmlmwDhjycZkQjbx7IA==&e=0&fallback_url=http://www.sciagnij.pl/.../1,93141,17916935,Program_aktualnie_jest_niedostepny.html&downloadAs=installer_Call_of_Duty_Black_Ops_spolszczenie_sciagnij.exe
(cce868d2bd6f3ba0f710885d33f5e209)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=OMsVbciI/0HJQsBRgTs6QhvV4G9uBjXaASWT4JMmkg8=&c=ZuBQ6L oJWHWQqn7MSLP5V9UXM95oL cdjcIxevS2VgCv00Evg65SBoA8hXZz1W5Fu0rF3XxK66/XjN egEvYwE36wJ3WMYfuRmxnmFCgURmI4pcM5G8eMwqLHFplaw Oh6C8KZd/svt18yoCImIiw==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../revolutv_setup.zip&downloadAs=installer_RevoluTV_sciagnij.exe
(560d3ca5e1e7e053fed09622e6809696)
1 / 68 (PUP)
http://www.tourvaultranch.com/c?x=1OegZWDVN28BdZfH bPp9WdjMsamXZc2jEyvTnkNOmI=&c=EbOsPoFKM/X2Yj0U1OvQllmZqN0lkdjLgiCv0q8c7f4Zl5fnA130BYkKYrGY/5fL6ucgRwbBGhfJIgcScs5e5qNJtwSZo/yHYijJzGsgV4S7sxKcVAXcLTQgtI8UybyfUbX9LeiSJxzJCnugesSG1g==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../MyInternetTV.exe&downloadAs=installer_My_Internet_TV_sciagnij.exe
(6439e5bc6f9b39139fc562cc51157c23)
Network Communications
The following 18 files have been seen to comunicate with www.tourvaultranch.com in live environments.
TCP »
52.38.209.219
:80
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.38.209.219
:80
UCBrowser.exe (UC Browser by UCWeb)
TCP »
52.38.209.219
:80
browserairexec.exe (BrowserAir by Goobzo)
TCP »
52.24.26.116
:443
online-guardian-v2.0.9.exe
TCP »
52.24.26.116
:443
online-guardian-v2.0.9.exe
TCP »
52.38.209.219
:80
browser.exe (Browser)
TCP »
52.24.26.116
:443
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.24.26.116
:443
036629fbd4864725737a8ba8fe7e8cd6.exe
TCP »
52.38.209.219
:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
e5be.tmp
TCP »
52.24.26.116
:443
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.24.26.116
:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))
TCP »
52.38.209.219
:80
client.exe
TCP »
52.38.209.219
:80
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.38.209.219
:80
kmplayer 3.8.0.117 -[www.patoghu.com].exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
KMPlayer_3.9.0.126.exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
3.9.0.125_20140702035547.exe (The KMPlayer by PandoraTV)
TCP »
52.38.209.219
:80
rlvknlg.exe (Relevant-Knowledge by TMRG)
TCP »
52.38.209.219
:80
online-guardian-v2.0.9.exe
X