Adware

Adware.Generic.3034464 information

Malware Removal

The Adware.Generic.3034464 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
6-day free trial available.

What can the Adware.Generic.3034464 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • At least one process apparently crashed during execution
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Transacted Hollowing
  • Collects and encrypts information about the computer likely to send to C2 server
  • Creates a hidden or system file
  • Likely virus infection of existing system binary

How to identify Adware.Generic.3034464?

File Info:

name: BB4C59FCE6BBAB8C20D3.mlw
path: /opt/CAPEv2/storage/binaries/d0bf73e572f26e13935459739f1facc42afbfd7ad9e094f3a92023d2e0ab922c
crc32: DB61E3DF
md5: bb4c59fce6bbab8c20d34ee9a4ef170f
sha1: 92083ac9fbbd896033dab51557cb4c2a7e50ccb8
sha256: d0bf73e572f26e13935459739f1facc42afbfd7ad9e094f3a92023d2e0ab922c
sha512: e0b058a8926fb3bc7d181dbcd0cab302584b9d6ba65bc275bb69c036d1f23e5b332c69c97c3725692d95bbb74c93ec11410a99cdb2a7a2042bf2b6335e708de4
ssdeep: 196608:hUulEjlGnzGnhISmMP7BmNN/tEh+x0bPnL:euJnCnixM8P/X0zL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1215633A3D1975135C3A28AB7D4F21870D3264DAACA69487E74B4F52F4F7F480E80A17D
sha3_384: 235a51dc8d65645cda1a857cbc3bc78c734a9be42882c656ef7f50a4f84951a94b74a6af4053b50f74138d32c991cd3a
ep_bytes: 558bec83c4cc53565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Vseev Sz. Pz.
FileDescription: viewfj.ucpb.ru
FileVersion: 3.5.0.5
LegalCopyright:
Translation: 0x0409 0x04e4

Adware.Generic.3034464 also known as:

Lionic: Trojan.Win32.Convagent.4!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Adware.Generic.3034464
FireEye: Adware.Generic.3034464
ALYac: Adware.Generic.3034464
Malwarebytes: Adware.DownloadAssistant
VIPRE: Adware.Generic.3034464
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Adware.Generic.3034464
K7GW: Trojan ( 005722f11 )
K7AntiVirus: Trojan ( 005722f11 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
TrendMicro-HouseCall: TROJ_GEN.R002H0DFF22
Paloalto: generic.ml
ClamAV: Win.Malware.Ekstak-9953027-0
Kaspersky: Trojan.Win32.Ekstak.amhey
Alibaba: TrojanDropper:Win32/Ekstak.8f7e8943
NANO-Antivirus: Trojan.Win32.Ekstak.jprbjb
Ad-Aware: Adware.Generic.3034464
DrWeb: Trojan.Zadved.1704
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Adware.Generic.3034464 (B)
Jiangmin: Trojan.Ekstak.bymv
Webroot: W32.Trojan.Gen
Avira: TR/Drop.Agent.uxjwa
MAX: malware (ai score=61)
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Adware.Generic.D2E4D60
GData: Win32.Backdoor.Bodelph.BHQKK4
Cynet: Malicious (score: 100)
AhnLab-V3: Adware/Win.Adware-gen.R499735
McAfee: Artemis!BB4C59FCE6BB
Cylance: Unsafe
Ikarus: Trojan-Dropper.Win32.Agent
Tencent: Win32.Trojan-dropper.Agent.Pgcy
MaxSecure: Trojan.Malware.109653022.susgen
AVG: Win32:Adware-gen [Adw]
Avast: Win32:Adware-gen [Adw]

How to remove Adware.Generic.3034464?

Adware.Generic.3034464 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.