About “Adware:Win32/Stapcore” infection

The Adware:Win32/Stapcore is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Adware:Win32/Stapcore virus can do?

Sample contains Overlay data
Presents an Authenticode digital signature
Reads data out of its own binary image

How to determine Adware:Win32/Stapcore?


File Info:
name: EFCA42FD1434EBDEAA71.mlw
path: /opt/CAPEv2/storage/binaries/a6efbe8658dbe1ff90546f9eb47065897c86fc9c02d7c0ec2a30a419068d467f
crc32: 75EE153B
md5: efca42fd1434ebdeaa71d2d2b49ccac0
sha1: f0198ed789756e336b64921d9d6f56bb96e52e87
sha256: a6efbe8658dbe1ff90546f9eb47065897c86fc9c02d7c0ec2a30a419068d467f
sha512: 21d34609ec03e001e25b2a61757868c74c3b154a839655aa3def005fd5148db3b110546916ddd1b0b2093264a52a1a0627cad77133a0c9b70b355e16bece6649
ssdeep: 3072:DbG7N2kDTHUpou36JbBQ5s5jXOwv8lGmtu9i+dqDsPzy5n+7bPmGCK5:DbE/HUP0bBDEE1Y+dWsry5ngd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B704F11052E0C012C463463079B97F7B9AB6ED5197B89F8317107E583D3EE92EB1E6A3
sha3_384: c100294f40dd43d02d689e80e23841038eefeb07f0cafdabc7adc299dbb5de42052dca52899236d95481055828cf1c54
ep_bytes: 558bec81ecf40300005356576a205f33
timestamp: 2021-09-25 21:57:46

Version Info:
CompanyName: 1079b
FileDescription: Setup
LegalCopyright: 1079b
ProductName: 1079b
ProductVersion: 1.1.1.1079
Translation: 0x0409 0x04e4

Adware:Win32/Stapcore also known as:

MicroWorld-eScan	Trojan.Generic.35237001
FireEye	Trojan.Generic.35237001
Skyhigh	Artemis!PUP
McAfee	Artemis!EFCA42FD1434
Malwarebytes	PUP.Optional.VeryFast.DDS
Sangfor	Adware.Win32.Pcappstore.Vito
K7AntiVirus	Unwanted-Program ( 005aeb241 )
Alibaba	AdWare:Win32/PCAppStore.f6b129f5
K7GW	Unwanted-Program ( 005aeb241 )
ESET-NOD32	a variant of Generik.DBHAWJD
Cynet	Malicious (score: 100)
Kaspersky	not-a-virus:HEUR:AdWare.Win32.PCAppStore.gen
BitDefender	Trojan.Generic.35237001
NANO-Antivirus	Riskware.Win32.PCAppStore.kipagp
Avast	NSIS:AdwareX-gen [Adw]
Tencent	Win32.Trojan.FalseSign.Iflw
Emsisoft	Trojan.Generic.35237001 (B)
F-Secure	Trojan.TR/Redcap.ctnrd
DrWeb	Program.Unwanted.5478
Sophos	Generic Reputation PUA (PUA)
SentinelOne	Static AI – Suspicious PE
GData	Trojan.Generic.35237001
Avira	TR/Redcap.ctnrd
Antiy-AVL	GrayWare[AdWare]/Win32.PCAppStore.gen
Kingsoft	Win32.Troj.PCAppStore.gen
Arcabit	Trojan.Generic.D219AC89
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.PCAppStore.gen
Microsoft	Adware:Win32/Stapcore
MAX	malware (ai score=80)
Cylance	unsafe
Fortinet	Riskware/Application
AVG	NSIS:AdwareX-gen [Adw]
DeepInstinct	MALICIOUS
CrowdStrike	win/grayware_confidence_100% (W)

How to remove Adware:Win32/Stapcore?

Adware:Win32/Stapcore removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X