home

www.universefactorybundle.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
universefactorybundle.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.AVSoftwa.Installer (M), PUP.InstallCore.RE11 (M), PUP.InstallCore (M)
100.00%

The domain www.universefactorybundle.com has been seen to resolve to the following 15 IP addresses.

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
August 22, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
August 22, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
August 22, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
July 8, 2016

54.186.99.90
ec2-54-186-99-90.us-west-2.compute.amazonaws.com
July 8, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 8, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 6, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
May 31, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
May 31, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 19, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 19, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 19, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 19, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 19, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 19, 2016

File downloads found at URLs served by www.universefactorybundle.com.

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=RZU Vs frgEXGq2QrHr4tcQifBDyDBD80a1hEdUoLrg=&c=j43RjAP8YZpCtZbd/sny96fVTppsSRscIEytBT3zE1y4mpnL6MklXfUaV ilArKTFBVne570iL2HdF03o8sEkLf3YYHGdLi8e1w4/EPIPlt9eSAmT WuFNxH07n 7vdM&downloadAs=UltraISO_PE_9512810.exe&fallback_url=http://.../get.php?file=df7ca8e8&m3  (b10e39d11b0a7fab725dd4fb4e1d3d9a)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=3lPtE5O8B2hgmxi1FjbfNog/5AntdaNIZok2s4 LlnY=&c=7YI76Bugx6fMU5d7Iv8ChIDtd0uDAMXYT6097MGElQiBYsFKRq8RpbG1lF7VOksKJwMwo9VtN25XeHeAIWmm52qay9sbCgMESypznfIzs4bs4MhmUpt3subHPJcbfhWX&downloadAs=VID-20160405-WA0056_.exe&fallback_url=http://.../get.php?file=e6f09dc3&m3  (37d02f14498b566e601371fd12ece68d)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=5Jz7DeWZPK xH4nkXUqIT5TRaUi1Nou4DQypV1iqh0A=&c=COFyLmCvMC1R3jdHfX YaPAIrkMsxbFRHllhtbgKa4wNmmS/iVcgr4VH vo5op KpHfEYdKFThI4BENymuoCak6QcUPYElPL1FP6MHMD16yhL6D/BGriBJYbkyh46bZH&downloadAs=VID-20160407-WA0000_.exe&fallback_url=http://.../get.php?file=48c0f02c&m3  (318da1182819f0dbd324a6ff76dc6467)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=aD5wcSo4MzqW54snuKCjDrlk31WXplVnuQDY/06XqbY=&c=ksvVHH9jDYBDJMlQnvvxEpmz1LjRtbA 7CCibYLifW10x4kTW6tJxQXgxNHx3SdCwuxKW86EfUP/yyX8LujTwBWPv5vwGnIEiG5echSpReXd bChNQsjc00TAXVKy4fO&downloadAs=Shrek_3wwwfullypcgam.exe&fallback_url=http://.../get.php?file=154047e9&m3  (3523a30c37299c6352ab7f271afffca0)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=bXv3PpHYBnqOEpvtZ7NvaTw5gg3WkuHq60Vb9esQjw4=&c=7VpcdtZUDko7pUCoZNuw4 rw/5cOnglMs5APICzZBTsRnOU6TYKQc1JvLjrvyNDSKEUm4B scc25/jIRIv9Q3GNtKnNEcBOVNNFc/tIpZzo0ffzY41oC6EkQml7ij Cd&downloadAs=Shrek_3wwwfullypcgam.exe&fallback_url=http://.../get.php?file=41bad534&m3  (b8b23e200205748bcf634415caa9972e)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=Q0HxdVkhHaYTHxak79Z7E8OTDALnyRxQ3XwCmibSxyY=&c=IBsayg XLarTnqLNoId d9a0S6C7BNUahrP2CYfzxZtE1fgAKnYvx2SJmPsPAkL09UOJnUXAOwNDRytP2MaR67Bb/zc57RmmFLoKZsTjTu1J3d1pFsVCiwj9zsmBE/yS&downloadAs=Shrek_3wwwfullypcgam.exe&fallback_url=http://.../get.php?file=966f367c&m3  (217a56a0af87caad27ec39bb676292a8)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=HFh8 zb6w0DjbA2hmhLBDKRpKkuwYb3WefSadPcTfGQ=&c=Y70SFIDXLBG4UtcWLzr3 /RL5T5NKFZPc3QcbaKIcq 8nT1it dhNyYJjxOCZJ8GyIb2qXTrCYLbB9nLs OQg/POINF3PHaExPBrkdRU5fFoORyVJAas6mSAAzGJolQ2&downloadAs=13_Minutes.exe&fallback_url=http://.../get.php?file=fca52ad5&m3  (95cb07518bd0e43473b1dde19808dbe5)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=5dQDcu5RodlipseSPqMHD2L5h5e9MAlBd8/eflJo1Nw=&c=oUmFeq2l8GdX3NYjJ tps3A eS1tLlbAFDOdU97ZwRhnus6CpzNPDyVkm3GyZxvcamN0L4bujrvNd0pJU9sladHocx4Sb0 jLRfxCGBaquKXYfaBzYsk1hYNpaXL9bUQ&downloadAs=Prince_of_Persia_War.exe&fallback_url=http://.../get.php?file=d98425d5&m3  (d4facf8669b74489fd41bfc07c0a3abb)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=sJv6 q15zi hIT hWLGUtdZ6ad8hkSYhFGIl2oyU3eM=&c=xZeUrKp2Wsa7kyFaKbFcrTx9HSHgfNsXv6YLLgcDQpqth0hMoJrYLqZ5SH2kUMJ/Td xHnFqKZBrqMRi7mnGD6mOYqzKGkBuywot/R9RaaWZq45ysnXomTAGAxGlHa4C&downloadAs=keygen.exe&fallback_url=http://.../get.php?file=bec59efc&m3  (078d223595b630f87fe1b23b9dec16c0)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=hTppr3u05OTBorn80oPz1r1KmZDR /xYIZliDh79rDI=&c=j4R6alWt S/mDq3dVav3VvdB7ChC9xT2mmUlTVaqSdICzChh8anP9zbhCVassbsnlChjevVDn35iNtpvTmhLkCEmJ8Er10ePpSdbUkKdK3/jx7UQrxfaBPPoHggZDcZ0&downloadAs=OfficialChars_13.exe&fallback_url=http://.../get.php?file=b7c0f2d3&m3  (038da95363d8b93bffa1d3a520ab345e)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=XuOay Bu/kY6goABCa3kXXgVzOC 0TfSdc U/N5WR/U=&c=Jmi7cG7gMbOZu/9Ll4 6qztfsshaBRJK395 iclmQNSGHJwKRqDJZcfSo u6azW bdhqYcvJVLhZg4b1ahjzYI EFKHkY4o23rJZYQkvxd1RW3jBP0kOCOhJ2or2cdbu&downloadAs=__.exe&fallback_url=http://.../get.php?file=28f71120&m3  (534f374556dd73671ea736960c92c104)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=kK/KHavdUX16F4QM3jKwav0ZA MTlcK80/uenQPBRFM=&c=t6u2TCC8ev3WwKUZiLG1YsHJ61v/HLMVNVzbOcehSnF7Q5vfHx/exlYuXE1QeE3MBTV7FMkFmp6xj7gVzMMPtiPaoHA1c08YTEYgpmfpsua9GtOixGK4cYbJ gTPUaK/&downloadAs=Your_Freedom_2013090.exe&fallback_url=http://.../get.php?file=06a47e10&m3  (6059e2255774661d5bc1934a0c434838)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=1zhM78klVZOt8TWtcNAYrgeCPxdtWx6qwMEMKAadYKY=&c=vSP5jOmaQJ5x7k8Djc5mXW3OqchDZ2RfZLKjJI 8eudJHGuPfGhQF0RTFLAsPa7hV07L8zH51EvAHidEtuTVRPNz 48jr ni4dxjVfKbh4iteuhyLg7msGLqKScbX0mb&downloadAs=Baduck_V1_2013vol1.exe&fallback_url=http://.../get.php?file=426e98c1&m3  (2e6e1ab473023555adfa78681eeea283)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=QQ a0pK58rzCF JoGnWEe spcB5Lk 6qfrl3Cc24dEQ=&c=WwktwaMtq54q6HQ9I29cspAWduj4QUNZkD/yXMK4lcGTfaoI4rDJlUyyUSMcXy lWUu/7XbbPkIUmyX6qh5id8OaAbB7tA1l Qb29I1TDIUuD2DB0duL9tMBTd/0Es9i&downloadAs=Baduck_V1_2013vol2.exe&fallback_url=http://.../get.php?file=3614b587&m3  (69df9b6d712e01d06628b9656db1234c)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=R//avY47AprHA2zvMmP6DhsLv69gY7f/AvV7pa3gjuI=&c=87bnFY/rhsIQC5N2yVA2wZedvdgcJG1pd5mmW29hohvsnncR2/bYyJ8c9begccUtfnxwUbaTH9ta/PjBsAdAfaDdPOBN6fJl2eqSNasCMliBNQIDfeNdrg6ZorPKHqry&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe  (0c80685889a85ae5d1dca4fe17f1d85d)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=2VpGPYBEa3KGaTU0zQJ3 BuW1TSJqtD Nd0lnITB2bY=&c=G8Dw7tnCzcnuhv6ThVsC/dGgoOxIW3P8bHKxcFWFVgR0a07rz0Nq7jeLDRRcehUVweztkCl3SKNvOyu1MuL/wKCwsklecnjgaATKBaF49qHcYT8/ Yp5uW YD5V9fabp&downloadAs=Advanced_System_Care.exe&fallback_url=http://.../get.php?file=6d206e3b&m3  (979babbf6197daafc6ccc6540c35ad1d)

1 / 68      (PUP)
http://www.universefactorybundle.com/c?x=B/VOo0Xf pQGGq5wdUqpdk8s3imZZA4qNJmgzKK/tCk=&c=OQd21xPNdTmIoXwDGmhTaQK8pcLzTJc/v1B9F1 HWj5riNifR6fO2od7tyHVZPEgdmsc/n7gV8ZXzgIpj3d0wmhtne0J7qDIsCfRPOcd5WZAq9 NYW1wss/p2XpKZ5zd&downloadAs=DVD_Firmwares_Update.exe&fallback_url=http://directdownload.burn4free.com/.../dvd-firmwares-and-drivers-setup-silent.exe  (2ba633e8d0ab0ccd53776dd0e98b6410)

The following 36 files have been seen to comunicate with www.universefactorybundle.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.