Malware

Application.DealAgent.AMBW information

Malware Removal

The Application.DealAgent.AMBW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.DealAgent.AMBW virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Crashed cuckoomon during analysis. Report this error to the Github repo.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

How to determine Application.DealAgent.AMBW?



File Info:

crc32: E0BBE1F1
md5: b4dcbaf79111365c3a3f7b0058592433
name: B4DCBAF79111365C3A3F7B0058592433.mlw
sha1: 1ddfbb52c0cf250850201534c91d29c817de3520
sha256: acf0f8b6de3a8684d26a451d0fc7dc440a42953040c4bdd6723a45d5e8fd0215
sha512: 92a48a163151c96dc3cf2dd13cc1f63d604b3a5f50b985431d6a9609feee0a468068b2ed58de41628e5748a653d8a0ea8a372b4a034635cb3a44e95b3971d51b
ssdeep: 24576:waNTFvxYGVgHulxnMRMNr0JnLxiQvlIh8vhO9jwf4qv+U7MD3vCFNHapbaZoBugt:wkL3UuzVQL0/8vhwj5c+UY7vwZQvq2TP
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Fast                                                                                                
FileVersion: 2.8.2.0             
CompanyName:                                                             
Comments: This installation was built with Inno Setup.
ProductName: Hibe                                                        
ProductVersion: 2.6                 
FileDescription: Hibe Setup                                                  
Translation: 0x0000 0x04b0

Application.DealAgent.AMBW also known as:

Elasticmalicious (high confidence)
McAfeeArtemis!B4DCBAF79111
CylanceUnsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (D)
BitDefenderApplication.DealAgent.AMBW
Cybereasonmalicious.791113
SymantecPUA.InstallCore!g1
ESET-NOD32Win32/InstallCore.Gen.A potentially unwanted
Kasperskynot-a-virus:UDS:AdWare.Win32.DealPly.gen
AlibabaAdWare:Win32/DealPly.928cac70
NANO-AntivirusVirus.InnoSetup.Gen.ccng
MicroWorld-eScanApplication.DealAgent.AMBW
Ad-AwareApplication.DealAgent.AMBW
SophosQPDownload Download Manager (PUA)
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionArtemis!PUP
FireEyeGeneric.mg.b4dcbaf79111365c
EmsisoftApplication.DealAgent.AMBW (B)
SentinelOneStatic AI – Malicious PE
WebrootW32.Adware.Gen
MicrosoftTrojan:Win32/Wacatac.A!ml
ZoneAlarmnot-a-virus:AdWare.Win32.DealPly.heur
GDataWin32.Application.InstallCore.LR@gen
VBA32Malware-Cryptor.2LA.gen
MAXmalware (ai score=100)
MalwarebytesPUP.Optional.BundleInstaller
RisingAdware.InstallCore!1.AB2C (CLASSIC)
FortinetW32/Generic_PUA_BN.A

How to remove Application.DealAgent.AMBW?

Application.DealAgent.AMBW removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment