Adware.Youxun (file analysis)

Adware.Youxun is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Adware.Youxun virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Adware.Youxun?


File Info:

name: 3AAEBC8C6D833B5E87F3.mlw
path: /opt/CAPEv2/storage/binaries/a9269f87e68fc206d40f3813eb1b880a1609a2c7d36f0ed7918b71bb08e21444
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes:
timestamp: 2020-01-06 07:21:06

Version Info:

0: [No Data]

Adware.Youxun also known as:

Bkav: W32.AIDetectMalware
Skyhigh: BehavesLike.Win32.Generic.wc
Alibaba: Trojan:Win32/Youxun.f2c0726b
VirIT: Adware.Win32.Youxun.A
Rising: Trojan.Generic@AI.100 (RDML:9DgPzxS0H83jLASFzZIJbg)
DrWeb: Adware.Youxun.1
Trapmine: suspicious.low.ml.score
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan.Win32.Youxun
Varist: W32/Damaged_File.I.gen!Eldorado
Antiy-AVL: RiskWare[Downloader]/Win32.YXdown
Microsoft: Trojan:Win32/Youxun
Google: Detected
VBA32: Adware.Youxun
DeepInstinct: MALICIOUS

How to remove Adware.Youxun?

Adware.Youxun removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
