Adware.WDJiange (file analysis)

Adware.WDJiange is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Adware.WDJiange virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Network activity detected but not expressed in API logs

How to identify Adware.WDJiange?


File Info:

crc32: 4F79811D
md5: 7b737b7103fbc05d24e47014031b9e33
name: 7B737B7103FBC05D24E47014031B9E33.mlw
sha1: ed1166e1093eedeb4d826b71c2be28eac0d14a23
sha256: 0387079f0a7d63a81d19c9709a90bb8d3328cf5b24e5fd7a01462556fb63c6d4
sha512: e32e3382333bed217110860422fdac2f381aa961005f0718e364ff00b23e835ab7d3e00048585a4fbc69ba9a85e6d1a34b7ea29d1a6472880567f0e83dee32dd
ssdeep: 24576:OlNixcRYglX2FQVlXyVUdzqRxZSL8wuCenoEXlug/NJ0PxDA5G013KT2Vu9JNexB:4KEyVDwuC+luglsAo016T2VuLQEK
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright(c) Jr.Software. All rights reserved.
FileVersion: 1.0.0.0
CompanyName: 上饶市风云网络科技有限公司
ProductName: 91游戏安装程序
ProductVersion: 1.0.0.0
FileDescription: 91游戏安装程序
Translation: 0x0804 0x03a8

Adware.WDJiange also known as:

Bkav: W32.HfsAdware.EB59
Cylance: Unsafe
Zillya: Adware.WDJiangeCRTD.Win32.563
TrendMicro: PUA.Win32.WDJiange.A
Symantec: ML.Attribute.HighConfidence
Avast: Win32:Malware-gen
ViRobot: Adware.Wdjiange.1568376
Sophos: Generic PUA ON (PUA)
F-Secure: Heuristic.HEUR/AGEN.1007986
DrWeb: Adware.WDJiange.45
Invincea: heuristic
McAfee-GW-Edition: Artemis!PUP
Endgame: malicious (high confidence)
Avira: HEUR/AGEN.1007986
Microsoft: PUA:Win32/WDJiange
McAfee: Artemis!7B737B7103FB
VBA32: Adware.WDJiange
TrendMicro-HouseCall: PUA.Win32.WDJiange.A
Rising: Adware.Agent!1.BAC5 (CLASSIC)
Yandex: PUA.WDJiange!
AVG: Win32:Malware-gen

How to remove Adware.WDJiange?

Adware.WDJiange removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
