Malware

Should I remove “Application.Doina.63197”?

Malware Removal

Application.Doina.63197 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Application.Doina.63197 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Doina.63197?

File Info:

name: F48D9A916842408DBF14.mlw
path: /opt/CAPEv2/storage/binaries/3b54c15665bc2bb71e217798b2040a9ff77ca1f745e9dd1be93e1788388e9641
crc32: 8316B918
md5: f48d9a916842408dbf148e262450ae6e
sha1: 1515e5bb02e2698d8f4c1ef4783d2ce9cb369b93
sha256: 3b54c15665bc2bb71e217798b2040a9ff77ca1f745e9dd1be93e1788388e9641
sha512: 401cefcdbac060bed12fc2392191c02d74b617a5449ca76b4bf52be14a351c32511d8ea473d7efb84166319d29c81c0766132409e653e7fa22a3c3ce47b06487
ssdeep: 12288:dLOx4Vpg9Qo/koNvSgDiwUJWIvIB2NS3nqzNwiTEB+LUi6u:doMoNvSgDiwO0P302MEpi6u
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T151D4DF1032D18023E99320B20DBDEB76B77C7C34072256DB77942A2E4EB65D1AA3675B
sha3_384: 43b2252db310d1a92e39d1fdc45de490310a7e4d643ff4bef099ea5a95db768aee1ed60bf85191038378f71a178cbfe7
ep_bytes: e837780100e979feffff8bc183600400
timestamp: 2011-03-31 01:25:32

Version Info:

CompanyName: Adobe Systems Incorporated
EnglishName: English
FileDescription: Adobe Acrobat Updater
FileVersion: 1.5.5.0
LanguageId: 0409
LegalCopyright: Copyright 2010 Adobe Systems Incorporated
ProductVersion: 1.5.5.0
Translation: 0x0409 0x04e4

Application.Doina.63197 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
MicroWorld-eScan: Gen:Variant.Application.Doina.63197
FireEye: Generic.mg.f48d9a916842408d
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ab4bf1 )
K7GW: Trojan ( 005ab4bf1 )
Cybereason: malicious.b02e26
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Patched.NKM
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Patched.gen
BitDefender: Gen:Variant.Application.Doina.63197
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Tencent: Trojan.Win32.Pathced_ya.16001052
DrWeb: Win32.Beetle.2
VIPRE: Gen:Variant.Application.Doina.63197
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Application.Doina.63197 (B)
MAX: malware (ai score=72)
GData: Gen:Variant.Application.Doina.63197
Google: Detected
Varist: W32/Patched.GQ1.gen!Eldorado
Kingsoft: malware.kb.a.747
Arcabit: Trojan.Application.Doina.DF6DD
ZoneAlarm: HEUR:Trojan.Win32.Patched.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
ALYac: Gen:Variant.Doina.63197
VBA32: BScope.TrojanDownloader.Emotet
Cylance: unsafe
Rising: Trojan.Generic@AI.100 (RDML:K34Jzhmo3vNeWXfH7LHyhg)
Fortinet: W32/Patched.IP!tr
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Application.Doina.63197?

Application.Doina.63197 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.