Categories: Malware

What is “Application.Bundler.iStartSurf.XM”?

The Application.Bundler.iStartSurf.XM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Application.Bundler.iStartSurf.XM virus can do?

Behavioural detection: Executable code extraction – unpacking
CAPE extracted potentially suspicious content
Unconventionial language used in binary resources: Russian
Authenticode signature is invalid
CAPE detected the shellcode get eip malware family
Anomalous binary characteristics
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Bundler.iStartSurf.XM?


File Info:
name: B042EDBDFD44C020AB19.mlwpath: /opt/CAPEv2/storage/binaries/7a3859bb2df87f6ddd1ec7a9e5ca739a204cd794d83d06fb50dd7b2937c8cbc6crc32: D4290AB3md5: b042edbdfd44c020ab19ae3197d7fdb6sha1: 8ca9c103e7b0239662b42a31ad7af50ecf3f99b6sha256: 7a3859bb2df87f6ddd1ec7a9e5ca739a204cd794d83d06fb50dd7b2937c8cbc6sha512: 1855d165435bef27006f6c61bc9fe52d6c9f455637ebab7ceef9540d1d6732d1465b856f0fdfadf31b47867251cc24815fda54bd40e48a74553d0e5b6b2f259dssdeep: 24576:qhbvoyGx4gXM7DO2zQDIfBA07YV5+R3A/cVaMO/j:qNzgXMnzQkfBA07y8Y7type: PE32 executable (console) Intel 80386, for MS Windowstlsh: T1EC95D020B5B2E037D8B340B48978966A517DFB310F2548EF63C8292E6F755D2AB31637sha3_384: d3faf31bbb742160217735f3172a7f4a07d516366bab96b92e84f8597d06ce280de6dd90049a567b08fc4baac1f5a661ep_bytes: e8cd080000e974feffffe9265f000055timestamp: 2018-11-06 11:58:13
Version Info:
0: [No Data]

Application.Bundler.iStartSurf.XM also known as:

Lionic	Trojan.Win32.Chapak.4!c
tehtris	Generic.Malware
DrWeb	Trojan.Vittalia.17867
MicroWorld-eScan	Application.Bundler.iStartSurf.XM
FireEye	Generic.mg.b042edbdfd44c020
CAT-QuickHeal	Trojan.Mauvaise.SL1
Skyhigh	GenericRXGP-AR!B042EDBDFD44
McAfee	GenericRXGP-AR!B042EDBDFD44
Cylance	unsafe
Zillya	Trojan.Chapak.Win32.83481
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0054256c1 )
Alibaba	Trojan:Win32/Chapak.8c91653c
K7GW	Trojan ( 0054256c1 )
Arcabit	Application.Bundler.iStartSurf.XM
BitDefenderTheta	Gen:NN.ZexaF.36680.ZvW@aulAYhpk
Symantec	Adware.IstartSurf
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik.GMLU
Cynet	Malicious (score: 99)
APEX	Malicious
Kaspersky	Trojan.Win32.Chapak.bcnm
BitDefender	Application.Bundler.iStartSurf.XM
NANO-Antivirus	Trojan.Win32.Vittalia.fjxhkd
SUPERAntiSpyware	Adware.IStartSurf/Variant
Avast	Win32:TrojanX-gen [Trj]
Tencent	Malware.Win32.Gencirc.10b29775
Emsisoft	Application.Bundler.iStartSurf.XM (B)
F-Secure	Heuristic.HEUR/AGEN.1366949
VIPRE	Application.Bundler.iStartSurf.XM
Sophos	Troj/Agent-BADC
Ikarus	PUA.Win32.Prepscram
Jiangmin	AdWare.StartSurf.rlr
Webroot	W32.Adware.Gen
Varist	W32/StartSurf.BH.gen!Eldorado
Avira	HEUR/AGEN.1366949
Antiy-AVL	Trojan/Win32.Chapak
Kingsoft	Win32.Trojan.Generic.a
Xcitium	Application.Win32.IStartSurf.PS@8c4m91
Microsoft	SoftwareBundler:Win32/Prepscram
ZoneAlarm	Trojan.Win32.Chapak.bcnm
GData	Application.Bundler.iStartSurf.XM
Google	Detected
AhnLab-V3	PUP/Win32.IStartSurf.R243047
VBA32	BScope.Adware.Prepscram
ALYac	Application.Bundler.iStartSurf.XM
MAX	malware (ai score=100)
Malwarebytes	Crypt.Trojan.Malicious.DDS
Panda	Trj/Genetic.gen
Rising	Trojan.Kryptik!1.B4D1 (CLASSIC)
Yandex	Trojan.GenAsa!aBoZG8M3znw
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/GenKryptik.COAQ!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/grayware_confidence_70% (W)