Application.Doina.63197 malicious file

Malware Removal

Application.Doina.63197 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Application.Doina.63197 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Application.Doina.63197?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-07-27 20:41:40

Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Eula display
FileVersion: 10.1.4.38
InternalName: Eula.exe
LegalCopyright: Copyright 2010-2012 Adobe Systems Incorporated. All rights reserved.
OriginalFilename: Eula.exe
ProductName: EULA
ProductVersion: 10.1.4.38
Translation: 0x0409 0x04e4

Application.Doina.63197 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Emotet.L!c
MicroWorld-eScan: Gen:Variant.Application.Doina.63197
FireEye: Generic.mg.de2dea9ed7618a0c
Skyhigh: BehavesLike.Win32.Expiro.dc
ALYac: Gen:Variant.Application.Doina.63197
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ab4bf1 )
Alibaba: Virus:Win32/Senoval.d7027d27
K7GW: Trojan ( 005ab4bf1 )
Cybereason: malicious.1f2a3b
BitDefenderTheta: Gen:NN.ZexaF.36792.su0@aWXynumi
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Patched.NKM
APEX: Malicious
ClamAV: Win.Trojan.Doina-10011069-0
Kaspersky: Virus.Win32.Senoval.a
BitDefender: Gen:Variant.Application.Doina.63197
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:TrojanX-gen [Trj]
Tencent: Trojan.Win32.Pathced_ya.16001052
Emsisoft: Gen:Variant.Application.Doina.63197 (B)
DrWeb: Win32.Beetle.2
VIPRE: Gen:Variant.Application.Doina.63197
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Patched
Google: Detected
Varist: W32/Patched.GN.gen!Eldorado
Kingsoft: malware.kb.a.848
Microsoft: Trojan:Win32/Wacatac.A!ml
Arcabit: Trojan.Application.Doina.DF6DD
ZoneAlarm: Virus.Win32.Senoval.a
GData: Gen:Variant.Application.Doina.63197
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R610860
McAfee: RDN/Generic PUP.x
MAX: malware (ai score=71)
VBA32: BScope.TrojanDownloader.Emotet
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0DJD23
Rising: Trojan.Generic@AI.100 (RDML:WoH5iEkYVIohN+K/YAIEGA)
Yandex: Trojan.GenAsa!ZezEwSiaZVc
MaxSecure: Trojan.Malware.218664346.susgen
Fortinet: W32/Patched.IP!tr
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Application.Doina.63197?

Application.Doina.63197 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.