AdWare.NSIS.KuPlays.g malicious file

AdWare.NSIS.KuPlays.g is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the AdWare.NSIS.KuPlays.g virus do?

  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Deletes executed files from disk

How to identify AdWare.NSIS.KuPlays.g?


File Info:

name: 72300A1DA5DDC559574E.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-12-05 22:50:52

Version Info:

0: [No Data]

AdWare.NSIS.KuPlays.g also known as:

K7AntiVirus: Riskware ( 00584baa1 )
Alibaba: AdWare:Win32/KuPlays.c125692e
K7GW: Riskware ( 00584baa1 )
Kaspersky: not-a-virus:AdWare.NSIS.KuPlays.g
Tencent: Win32.Adware.Malplayer.Odur
Trapmine: suspicious.low.ml.score
Antiy-AVL: Trojan[Downloader]/Win32.AdLoad.gen
Kingsoft: malware.kb.a.828
ZoneAlarm: not-a-virus:AdWare.NSIS.KuPlays.g
Panda: Trj/OCJ.F
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_70% (D)

How to remove AdWare.NSIS.KuPlays.g?

AdWare.NSIS.KuPlays.g removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
