About “Application.DealAgent.AUPM” infection

Application.DealAgent.AUPM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Application.DealAgent.AUPM virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Network activity detected but not expressed in API logs

How to identify Application.DealAgent.AUPM?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName:
Comments: This installation was built with Inno Setup.
ProductName: Cobala
ProductVersion: 5.1
FileDescription: Cobala Setup
Translation: 0x0000 0x04b0

Application.DealAgent.AUPM also known as:

Lionic: Adware.Win32.DealPly.2!c
Elastic: malicious (high confidence)
ALYac: Application.DealAgent.AUPM
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_100% (D)
BitDefender: Application.DealAgent.AUPM
Cybereason: malicious.9ffef5
Symantec: PUA.Gen.2
ESET-NOD32: Win32/InstallCore.Gen.A potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:AdWare.Win32.DealPly.ecjsm
Alibaba: AdWare:Win32/InstallCore.b00f031b
NANO-Antivirus: Virus.Win32.Gen.ccmw
ViRobot: Adware.Installcore.2574570
MicroWorld-eScan: Application.DealAgent.AUPM
Ad-Aware: Application.DealAgent.AUPM
Sophos: Mal/Generic-S + InnoMod (PUA)
Comodo: Malware@#37hhhbuoadnex
McAfee-GW-Edition: Artemis
FireEye: Generic.mg.a5d223d9ffef5a26
Emsisoft: Application.DealAgent.AUPM (B)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Adware.Gen
Microsoft: Trojan:Win32/Wacatac.A!ml
GData: Win32.Application.InstallCore.LR@gen
McAfee: Artemis!A5D223D9FFEF
MAX: malware (ai score=78)
VBA32: Malware-Cryptor.2LA.gen
Panda: PUP/DownloadAssistant
Rising: Adware.InstallCore!1.AB2C (CLASSIC)
Yandex: PUA.DealPly!VY01ma9gcsQ
Fortinet: Riskware/InstallCore_Gen

How to remove Application.DealAgent.AUPM?

Application.DealAgent.AUPM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
