
Application.Bundler.iStartSurf.TY malicious file


Application.Bundler.iStartSurf.TY is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Application.Bundler.iStartSurf.TY virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Application.Bundler.iStartSurf.TY?


File Info:

name: 140D3779C34998B21150.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-05-09 13:52:03

Version Info:

0: [No Data]

Application.Bundler.iStartSurf.TY also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.DownloadHelper.2!c
MicroWorld-eScan: Application.Bundler.iStartSurf.TY
FireEye: Generic.mg.140d3779c34998b2
Skyhigh: Packed-FKC!140D3779C349
ALYac: Application.Bundler.iStartSurf.TY
Cylance: unsafe
Zillya: Adware.StartSurf.Win32.63296
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 0053f6df1 )
Alibaba: AdWare:Win32/Kryptik.7a957ada
K7GW: Trojan ( 0053f6df1 )
Cybereason: malicious.3b9a8d
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GMMA
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender: Application.Bundler.iStartSurf.TY
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Adware-gen [Adw]
Tencent: Malware.Win32.Gencirc.10bc7e31
Sophos: IStartSurfInstaller (PUA)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.PWS.Panda.12212
VIPRE: Application.Bundler.iStartSurf.TY
Emsisoft: Application.Bundler.iStartSurf.TY (B)
SentinelOne: Static AI – Malicious PE
GData: Application.Bundler.iStartSurf.TY
Jiangmin: AdWare.StartSurf.pcq
Google: Detected
Avira: TR/Dropper.Gen
Antiy-AVL: GrayWare[AdWare]/Win32.StartSurf
Kingsoft: Win32.Troj.StartSurf.gen
Xcitium: Malware@#9m9w01zdko03
Arcabit: Application.Bundler.iStartSurf.TY
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.Generic
Microsoft: SoftwareBundler:Win32/Prepscram.E
Varist: W32/Kryptik.DID.gen!Eldorado
McAfee: Packed-FKC!140D3779C349
MAX: malware (ai score=100)
VBA32: BScope.Adware.Prepscram
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/GdSda.A
Rising: Trojan.Kryptik!1.B33C (CLASSIC)
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.12116207.susgen
Fortinet: W32/Kryptik.GIQX!tr
BitDefenderTheta: Gen:NN.ZexaF.36680.1AW@aqVA2Ili
AVG: Win32:Adware-gen [Adw]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Application.Bundler.iStartSurf.TY?

Application.Bundler.iStartSurf.TY removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
