Categories: Malware

What is “Application.Bundler.iStartSurf.FO”?

The Application.Bundler.iStartSurf.FO is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Application.Bundler.iStartSurf.FO virus can do?

Behavioural detection: Executable code extraction – unpacking
CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
CAPE detected the shellcode get eip malware family
Anomalous binary characteristics
Yara detections observed in process dumps, payloads or dropped files

How to determine Application.Bundler.iStartSurf.FO?


File Info:
name: 83EA3817E7CD2FD1DF26.mlwpath: /opt/CAPEv2/storage/binaries/a9187a72bcf05f9249006a49f461cbc2cad546cbf32b1c1470b265e4e7b884d1crc32: DBB5E1D0md5: 83ea3817e7cd2fd1df2642525a7020desha1: 000b90fe49eeb33f36e664d97ce5fd099482e7b7sha256: a9187a72bcf05f9249006a49f461cbc2cad546cbf32b1c1470b265e4e7b884d1sha512: e6400ea3e5e1bf64a5c5aadc6e9787d0200b7d13cb5dc42088c0cb991af5539836fa8c4ecbdcdb5bece4917eaeae7ca036c73c32ff04c92f455c949447777c2bssdeep: 24576:VWEm2dRfM5zqWzr4A1GDR+99Og19buR+t9y8iQYDAC1gtkebW/:EEzb091zkA1tL6IKlc6etype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T14B652312F1C199B1D4360A3548AEEAB0677EFD110F1597E373692B6B0F283E10535EBAsha3_384: d72f62b7c00c17aeec421307a31944eda04ae7928a208f5485400857bbe42089f30982f9fac3a425904c5d6281e48dfbep_bytes: e83e040000e98efeffff558becff7508timestamp: 2018-04-27 10:28:36
Version Info:
0: [No Data]

Application.Bundler.iStartSurf.FO also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Chapak.4!c
MicroWorld-eScan	Application.Bundler.iStartSurf.FO
FireEye	Generic.mg.83ea3817e7cd2fd1
CAT-QuickHeal	PUA.PrepscramPMF.S19370800
Skyhigh	BehavesLike.Win32.Generic.tc
McAfee	Packed-XP.c!83EA3817E7CD
Malwarebytes	Crypt.Trojan.Malicious.DDS
Zillya	Trojan.Kryptik.Win32.1699422
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0052f5b51 )
Alibaba	Trojan:Win32/Chapak.1312aaa9
K7GW	Trojan ( 0052de541 )
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik.GHSW
APEX	Malicious
Kaspersky	Trojan.Win32.Chapak.rch
BitDefender	Application.Bundler.iStartSurf.FO
NANO-Antivirus	Trojan.Win32.Chapak.faudfo
Avast	Win32:Adware-gen [Adw]
Tencent	Malware.Win32.Gencirc.10b326c3
Sophos	Generic Reputation PUA (PUA)
F-Secure	Trojan.TR/Crypt.XPACK.Gen5
DrWeb	Trojan.SkypeSpam.11320
VIPRE	Application.Bundler.iStartSurf.FO
TrendMicro	TROJ_GEN.R002C0PBN24
Trapmine	malicious.high.ml.score
Emsisoft	Application.Generic (A)
SentinelOne	Static AI – Malicious PE
MAX	malware (ai score=100)
Google	Detected
Avira	TR/Crypt.XPACK.Gen5
Varist	W32/StartSurf.AE.gen!Eldorado
Antiy-AVL	Trojan/Win32.Chapak
Kingsoft	Win32.Troj.Generic.a
Microsoft	SoftwareBundler:Win32/Prepscram
Xcitium	Application.Win32.IStartSurf.PS@8c4m91
Arcabit	Application.Bundler.iStartSurf.FO
ViRobot	Adware.Chapak.1410048.AE
ZoneAlarm	Trojan.Win32.Chapak.rch
GData	Application.Bundler.iStartSurf.FO
Cynet	Malicious (score: 100)
AhnLab-V3	PUP/Win32.IStartSurf.R226823
BitDefenderTheta	Gen:NN.ZexaF.36802.wzW@aOa8Ubfi
ALYac	Application.Bundler.iStartSurf.FO
TACHYON	Trojan/W32.Chapak.1410048
VBA32	Trojan.Chapak
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R002C0PBN24
Rising	Trojan.Crypto!8.364 (TFE:5:xwZbvAPG2FS)
Ikarus	Trojan.Agent
MaxSecure	Trojan.Malware.22147174.susgen
Fortinet	W32/Kryptik.GFGF!tr
AVG	Win32:Adware-gen [Adw]
Cybereason	malicious.7e7cd2
DeepInstinct	MALICIOUS
alibabacloud	Trojan:Win/Kryptik.GHSW