Categories: Malware

Application.Bundler.BTE malicious file

The Application.Bundler.BTE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Bundler.BTE virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventionial binary language: Russian
  • Unconventionial language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Application.Bundler.BTE?



File Info:

name: 4C3228212783D3909121.mlwpath: /opt/CAPEv2/storage/binaries/d6be16a0292f0142865a0976435967c692cb1256f6726141113994bcf35ee0e8crc32: 1D16483Dmd5: 4c3228212783d39091215b704921619dsha1: 8ad461e6fa4f811a5a8f8dab8ca05af685943dc4sha256: d6be16a0292f0142865a0976435967c692cb1256f6726141113994bcf35ee0e8sha512: f977d7dad539672943b448a497a67619c873ba74d2bac651a6e703435cfa473f5d8f0888c94f51817a92ad5602d52dd845b7921efb70a464b9b3b96a9ef9e2cessdeep: 24576:wjuVvneZ2hu3l7nDbY5dJ/gzC3p8F9vzLS9lWGYT1baF:wjRs/gz2p/WG+type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T11825CF10B252E13BE9B304718E7C876E542CAB610B2509EFB3DC0D5E4FB95E16A31B67sha3_384: 0296132438a09dcf5a99201ea49b738c9664cb4c90fa326264ee9e5016bdedce9e9ebd28dab88ee0fd09f751fa00259fep_bytes: e847080000e97afeffffe99a4500008btimestamp: 2018-11-15 15:00:25

Version Info:

FileVersion: 1.0.0.1LegalCopyright: Copyright (C) 2018ProductName: TODO: ProductVersion: 1.0.0.1Translation: 0x0419 0x04b0

Application.Bundler.BTE also known as:

Bkav W32.AIDetectMalware
Lionic Adware.Win32.Bundler.2!c
Elastic malicious (high confidence)
MicroWorld-eScan Application.Bundler.BTE
FireEye Generic.mg.4c3228212783d390
CAT-QuickHeal PUA.PrepscramPMF.S19939217
Skyhigh BehavesLike.Win32.Sality.dc
McAfee GenericRXGP-NB!4C3228212783
Cylance unsafe
Zillya Trojan.Kryptik.Win32.4605500
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 0054256c1 )
Alibaba AdWare:Win32/StartSurf.f571a146
K7GW Trojan ( 0054117c1 )
Cybereason malicious.12783d
BitDefenderTheta Gen:NN.ZexaF.36802.9u0@aSlsJcik
Symantec Adware.IstartSurf
tehtris Generic.Malware
ESET-NOD32 a variant of Win32/Kryptik.GMTS
APEX Malicious
Avast Win32:AdwareX-gen [Adw]
ClamAV Win.Adware.Startsurf-9875652-0
Kaspersky not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender Application.Bundler.BTE
NANO-Antivirus Trojan.Win32.Chapak.fkfmth
SUPERAntiSpyware Adware.IStartSurf/Variant
Tencent Malware.Win32.Gencirc.10b0d666
Emsisoft Application.Bundler.BTE (B)
F-Secure Heuristic.HEUR/AGEN.1305897
DrWeb Trojan.Vittalia.17910
VIPRE Application.Bundler.BTE
TrendMicro TROJ_GEN.R002C0PBM24
Trapmine malicious.moderate.ml.score
Sophos IStartSurfInstaller (PUA)
Ikarus PUA.Bundler
MAX malware (ai score=91)
GData Application.Bundler.BTE
Jiangmin AdWare.StartSurf.rws
Google Detected
Avira HEUR/AGEN.1305897
Varist W32/StartSurf.BN.gen!Eldorado
Antiy-AVL GrayWare[AdWare]/Win32.Kryptik.gmts
Kingsoft Win32.Troj.Generic.a
Xcitium Application.Win32.IStartSurf.PS@8c4m91
Arcabit Application.Bundler.BTE
ViRobot Adware.Startsurf.1006080.AGQ
ZoneAlarm not-a-virus:HEUR:AdWare.Win32.Generic
Microsoft SoftwareBundler:Win32/Prepscram
Cynet Malicious (score: 99)
AhnLab-V3 PUP/Win32.StartSurf.R243066
VBA32 BScope.AdWare.StartSurf
ALYac Application.Bundler.BTE
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/Genetic.gen
TrendMicro-HouseCall TROJ_GEN.R002C0PBM24
Rising Trojan.GenKryptik!8.AA55 (TFE:5:HQX6jHhaysE)
Yandex Trojan.GenAsa!7IcDQ/uvrR4
SentinelOne Static AI – Malicious PE
MaxSecure not a virus:Adware.StartSurf.GEN
Fortinet W32/GenKryptik.CVLH!tr
AVG Win32:AdwareX-gen [Adw]
DeepInstinct MALICIOUS
CrowdStrike win/grayware_confidence_60% (D)
alibabacloud Trojan:Win/Kryptik.GMXN

How to remove Application.Bundler.BTE?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: Application.Bundler.BTE
1 month ago

Recent Posts

MSIL/GenKryptik.GXIZ information

The MSIL/GenKryptik.GXIZ is considered dangerous by lots of security experts. When this infection is active,…

3 days ago

Malware.AI.2789448175 (file analysis)

The Malware.AI.2789448175 is considered dangerous by lots of security experts. When this infection is active,…

3 days ago

Jalapeno.1878 removal instruction

The Jalapeno.1878 is considered dangerous by lots of security experts. When this infection is active,…

3 days ago

What is “Trojan.Heur3.LPT.YmKfaKBcBekib”?

The Trojan.Heur3.LPT.YmKfaKBcBekib is considered dangerous by lots of security experts. When this infection is active,…

3 days ago

How to remove “Worm.Win32.Vobfus.exmt”?

The Worm.Win32.Vobfus.exmt is considered dangerous by lots of security experts. When this infection is active,…

3 days ago

About “TrojanDownloader:Win32/Beebone.JO” infection

The TrojanDownloader:Win32/Beebone.JO is considered dangerous by lots of security experts. When this infection is active,…

3 days ago