Application.Bundler.Amonetize.198 removal guide

Application.Bundler.Amonetize.198 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Application.Bundler.Amonetize.198 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Detects Bochs through the presence of a registry key
  • Checks the version of Bios, possibly for anti-virtualization
  • Attempts to interact with an Alternate Data Stream (ADS)
  • Collects information to fingerprint the system
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Application.Bundler.Amonetize.198?

File Info:

name: 6247E488C9E03FA3ED13.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-06-25 01:15:37

Version Info:

CompanyName: HlSxv
FileVersion: 215.84.254.16
ProductVersion: 215.84.254.16
FileDescription: smart install
LegalCopyright: Rights 2000
ProductName: GiFIg8q0iY7m
LegalTrademarks: h00tdLOmFP9VGE
PrivateBuild: 254
SpecialBuild: 215.84.254.16
InternalName: megainstaller
OriginalFilename: B7mGr5sychj4V
Translation: 0x0000 0x0409

Application.Bundler.Amonetize.198 also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.Amonetize.2!c
MicroWorld-eScan: Gen:Variant.Application.Bundler.Amonetize.198
FireEye: Generic.mg.6247e488c9e03fa3
ALYac: Gen:Variant.Application.Bundler.Amonetize.198
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Adware ( 004dfcd71 )
Alibaba: AdWare:Win32/Amonetize.37c7904a
K7GW: Adware ( 004dfcd71 )
CrowdStrike: win/grayware_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZexaF.36318.Mu0@aCaxsoei
Cyren: W32/Downloader.MP.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Amonetize.PY potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Amonetize.gen
BitDefender: Gen:Variant.Application.Bundler.Amonetize.198
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.13ea7d39
Emsisoft: Gen:Variant.Application.Bundler.Amonetize.198 (B)
F-Secure: Adware.ADWARE/Amonetize.sylf
VIPRE: Gen:Variant.Application.Bundler.Amonetize.198
McAfee-GW-Edition: BehavesLike.Win32.PUP.jh
Trapmine: malicious.moderate.ml.score
Sophos: Generic Reputation PUA (PUA)
GData: Gen:Variant.Application.Bundler.Amonetize.198
Avira: ADWARE/Amonetize.sylf
Antiy-AVL: GrayWare/Win32.Amonetize
Xcitium: TrojWare.Win32.Spy.Zbot.AFCA@4rkuhs
Arcabit: Trojan.Application.Bundler.Amonetize.198
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.Amonetize.gen
Microsoft: Program:Win32/Wacapew.C!ml
Google: Detected
McAfee: Artemis!6247E488C9E0
MAX: malware (ai score=75)
VBA32: BScope.Downloader.AdLoad
TrendMicro-HouseCall: TROJ_GEN.R002H0CGM23
Rising: Malware.Undefined!8.C (TFE:5:Qb7rFE7klpE)
Yandex: Trojan.GenAsa!7D/VoqwmC2o
Ikarus: PUA.Amonetize
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Amonetize
AVG: Win32:Malware-gen
Cybereason: malicious.8c9e03
DeepInstinct: MALICIOUS

How to remove Application.Bundler.Amonetize.198?

Application.Bundler.Amonetize.198 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.