Categories: Malware

Application.Bundler.iStartSurf.TY malicious file

The Application.Bundler.iStartSurf.TY is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Application.Bundler.iStartSurf.TY virus can do?

Behavioural detection: Executable code extraction – unpacking
CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
CAPE detected the embedded win api malware family
Anomalous binary characteristics
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Bundler.iStartSurf.TY?


File Info:
name: 140D3779C34998B21150.mlwpath: /opt/CAPEv2/storage/binaries/a42c99e559f12eb7a486aca168dbcb7b887a83c9b3e5e359bc437fa7bb29f24fcrc32: 69E9EA9Fmd5: 140d3779c34998b2115004c062b02ca8sha1: 11e143b3b9a8da0eeaf763e74a9f6a92fb7a341bsha256: a42c99e559f12eb7a486aca168dbcb7b887a83c9b3e5e359bc437fa7bb29f24fsha512: 5600d1c00f9dbd2ddcbf7823b721aea95ddf58b04f7e56864e0506d1cd140267eb91bc95d7481b2f1ab9345ca6161c65c570cea4246b3f74b3fd698d2065ef95ssdeep: 24576:eYtXM2/2qYTu2i6EDxBywzJ+XjhbKK7UjySLEKsDDcmH:jmHfvNhbrXptype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T192D533789345A312EFDDA77BE8C8B8C86B7533744C104EA33AF5418AAE67496C325533sha3_384: ed6fb0fddd31dd68639cf9a12a51f5fd8c61709282494108ecf342cbd048b7bf9008595398a6eb123ba27d3e4f2a817eep_bytes: 558bec6aff68388b5a0068d07a590064timestamp: 2016-05-09 13:52:03
Version Info:
0: [No Data]

Application.Bundler.iStartSurf.TY also known as:

Bkav	W32.AIDetectMalware
Lionic	Adware.Win32.DownloadHelper.2!c
MicroWorld-eScan	Application.Bundler.iStartSurf.TY
FireEye	Generic.mg.140d3779c34998b2
Skyhigh	Packed-FKC!140D3779C349
ALYac	Application.Bundler.iStartSurf.TY
Cylance	unsafe
Zillya	Adware.StartSurf.Win32.63296
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	Trojan ( 0053f6df1 )
Alibaba	AdWare:Win32/Kryptik.7a957ada
K7GW	Trojan ( 0053f6df1 )
Cybereason	malicious.3b9a8d
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.GMMA
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender	Application.Bundler.iStartSurf.TY
NANO-Antivirus	Virus.Win32.Gen-Crypt.ccnc
Avast	Win32:Adware-gen [Adw]
Tencent	Malware.Win32.Gencirc.10bc7e31
Sophos	IStartSurfInstaller (PUA)
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.PWS.Panda.12212
VIPRE	Application.Bundler.iStartSurf.TY
Emsisoft	Application.Bundler.iStartSurf.TY (B)
SentinelOne	Static AI – Malicious PE
GData	Application.Bundler.iStartSurf.TY
Jiangmin	AdWare.StartSurf.pcq
Google	Detected
Avira	TR/Dropper.Gen
Antiy-AVL	GrayWare[AdWare]/Win32.StartSurf
Kingsoft	Win32.Troj.StartSurf.gen
Xcitium	Malware@#9m9w01zdko03
Arcabit	Application.Bundler.iStartSurf.TY
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.Generic
Microsoft	SoftwareBundler:Win32/Prepscram.E
Varist	W32/Kryptik.DID.gen!Eldorado
McAfee	Packed-FKC!140D3779C349
MAX	malware (ai score=100)
VBA32	BScope.Adware.Prepscram
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/GdSda.A
Rising	Trojan.Kryptik!1.B33C (CLASSIC)
Ikarus	Trojan.Crypt
MaxSecure	Trojan.Malware.12116207.susgen
Fortinet	W32/Kryptik.GIQX!tr
BitDefenderTheta	Gen:NN.ZexaF.36680.1AW@aqVA2Ili
AVG	Win32:Adware-gen [Adw]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)