AdWare.Win32.LMN (file analysis)

AdWare.Win32.LMN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the AdWare.Win32.LMN virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify AdWare.Win32.LMN?


File Info:

name: 391FB7E036F6D7A5971A.mlw
path: /opt/CAPEv2/storage/binaries/686e7b1c0c7c657b3ec00bed88d7b9678e2d9d07d7028e71e13429943f0a3172
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-10-09 14:56:13

Version Info:

0: [No Data]

AdWare.Win32.LMN also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.suW@!7Us@@oc
ClamAV: Win.Adware.LoadMoney-3644756-1
FireEye: Generic.mg.391fb7e036f6d7a5
CAT-QuickHeal: PUA.LoadmoneyIH.S28574573
McAfee: Adware-FUI
Cylance: unsafe
Zillya: Trojan.Kryptik.Win32.4056727
Sangfor: Trojan.Win32.Save.a
Alibaba: AdWare:Win32/Kryptik.1ca72136
Cybereason: malicious.036f6d
Baidu: Win32.Trojan.Kryptik.dl
VirIT: Trojan.Win32.LoadMoney.DB
Cyren: W32/Virtumonde!Generic
ESET-NOD32: a variant of Win32/Kryptik.CGBF
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:AdWare.Win32.LMN.gen
BitDefender: Gen:Trojan.Heur.suW@!7Us@@oc
NANO-Antivirus: Trojan.Win32.LoadMoney.jvbgez
Avast: Win32:Evo-gen [Trj]
Tencent: Adware.Win32.Lmn.yq
Emsisoft: Gen:Trojan.Heur.suW@!7Us@@oc (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.LoadMoney.1
VIPRE: Gen:Trojan.Heur.suW@!7Us@@oc
TrendMicro: TROJ_GEN.R03BC0OC623
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.dm
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S (PUA)
Ikarus: Trojan.Crypt
GData: Gen:Trojan.Heur.suW@!7Us@@oc
Jiangmin: Trojan/Generic.atwqf
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Win32.Kryptik
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Trojan.Heur.E6ED60
ZoneAlarm: not-a-virus:UDS:AdWare.Win32.LMN.gen
Microsoft: PUAAdvertising:Win32/LoadMoney
Google: Detected
AhnLab-V3: PUP/Win32.LoadMoney.C2729780
BitDefenderTheta: AI:Packer.D58B40471C
ALYac: Gen:Trojan.Heur.suW@!7Us@@oc
MAX: malware (ai score=83)
VBA32: TScope.Malware-Cryptor.SB
Malwarebytes: Crypt.Trojan.Malicious.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R03BC0OC623
Rising: Downloader.Small!1.65D6 (CLASSIC)
Yandex: Trojan.GenAsa!b4NXpdd5TH4
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Adware/LoadMoney
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS

How to remove AdWare.Win32.LMN?

AdWare.Win32.LMN removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
