Malware

Should I remove “Application.Bundler.InstallMonster.1”?

Malware Removal

The Application.Bundler.InstallMonster.1 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Bundler.InstallMonster.1 virus can do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • Unconventionial language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the shellcode patterns malware family
  • Detects Bochs through the presence of a registry key
  • Accessed credential storage registry keys
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Application.Bundler.InstallMonster.1?



File Info:

name: 024F18C7B7AAEFAC953B.mlw
path: /opt/CAPEv2/storage/binaries/99099ced097fd831c3bbac0ff2392809bf3aa9100ec33a8deb1ef5b91df613ac
crc32: 62A2C3E9
md5: 024f18c7b7aaefac953b21ee782ab15e
sha1: fbdcd9146a39dcabf79985a4f1dd57c7b45a0059
sha256: 99099ced097fd831c3bbac0ff2392809bf3aa9100ec33a8deb1ef5b91df613ac
sha512: dedcc11076b73fb7146a94174036fea21303dd94ebf60b77c50dc54b79779ea3eaf183715df87a6c6d78330f364bbfcd1b0882d49464bf595c90d92a1a7436b9
ssdeep: 98304:evntiUZV/J2tpwC1B6W2AR6sb6hB9Gn9gvnp+RRw+kL5ASb7BP7BZXEfYvL:antiUv/Yyy2AR6s0GnuvnKkL55b7BFlZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F01633D6B0DB5591F8535C3CDA0CF9EA97246EA30C88B2265D0DFAE97539EC1C702543
sha3_384: 6cd48dbc6d304dcad38467782895a1d19b7d77c6a7107e73ddfa2a7f5f899dab141d84758e8ac1787b16d4f2ee3e3c62
ep_bytes: 60be003037018dbe00e008ff5783cdff
timestamp: 1992-06-19 22:22:17


Version Info:

CompanyName: 
FileDescription: 
FileVersion: 1.0.0.0
InternalName: 
LegalCopyright: 
LegalTrademarks: 
OriginalFilename: 
ProductName: 
ProductVersion: 1.0.0.0
Translation: 0x0409 0x04e4

Application.Bundler.InstallMonster.1 also known as:

BkavW32.AIDetectMalware
Elasticmalicious (moderate confidence)
MicroWorld-eScanGen:Variant.Application.Bundler.InstallMonster.1
FireEyeGeneric.mg.024f18c7b7aaefac
SkyhighArtemis
ALYacGen:Variant.Application.Bundler.InstallMonster.1
ZillyaTrojan.Black.Win32.36211
CrowdStrikewin/grayware_confidence_100% (D)
K7GWUnwanted-Program ( 004d38111 )
K7AntiVirusUnwanted-Program ( 004bedf21 )
VirITTrojan.Win32.InstallMonster.BV
SymantecML.Attribute.HighConfidence
tehtrisGeneric.Malware
ESET-NOD32a variant of Win32/InstallMonstr.FF potentially unwanted
APEXMalicious
AvastWin32:InstallMonstr-IQ [PUP]
ClamAVWin.Adware.Agent-1357134
Kasperskynot-a-virus:HEUR:AdWare.Win32.DLBoost.gen
BitDefenderGen:Variant.Application.Bundler.InstallMonster.1
NANO-AntivirusRiskware.Win32.Adware.dvtopk
TencentMalware.Win32.Gencirc.115d8c17
EmsisoftApplication.InstallMon (A)
F-SecureAdware.ADWARE/InstaMonst.KK
DrWebTrojan.InstallMonster.1231
VIPREGen:Variant.Application.Bundler.InstallMonster.1
Trapminemalicious.high.ml.score
SophosInstall Monster (PUA)
WebrootPua.Gen
VaristW32/InstallMonster.CC.gen!Eldorado
AviraADWARE/InstaMonst.KK
MAXmalware (ai score=71)
Antiy-AVLTrojan/Win32.TSGeneric
MicrosoftPUADlManager:Win32/InstallMonstr
XcitiumApplication.Win32.InstallMonstr.kQ@5jyymh
ArcabitTrojan.Application.Bundler.InstallMonster.1
ZoneAlarmnot-a-virus:HEUR:AdWare.Win32.DLBoost.gen
GDataWin32.Application.Installmonstr.I
CynetMalicious (score: 99)
McAfeeArtemis!024F18C7B7AA
GoogleDetected
VBA32BScope.Adware.DLBoost
MalwarebytesBHO.Trojan.Dropper.DDS
YandexRiskware.Agent!wV/LBNyFtSU
IkarusAdWare.BundleApp
MaxSecureAdware.W32.InstallMonster.gen_250896
FortinetRiskware/InstallMonstr
AVGWin32:InstallMonstr-IQ [PUP]
DeepInstinctMALICIOUS

How to remove Application.Bundler.InstallMonster.1?

Application.Bundler.InstallMonster.1 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment