Malware

What is “Application.Doina.63200”?

Malware Removal

The Application.Doina.63200 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Doina.63200 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Doina.63200?



File Info:

name: F3E8A13DD39E434C3F91.mlw
path: /opt/CAPEv2/storage/binaries/f3c0138ea1ce9008fb5adfd00b451815d2bcefa1f94b4a1cc34429eeba2fb127
crc32: 05DD10CF
md5: f3e8a13dd39e434c3f91dc2832c29bb4
sha1: dab4494deb9b095c617d18a48e4da892284dc110
sha256: f3c0138ea1ce9008fb5adfd00b451815d2bcefa1f94b4a1cc34429eeba2fb127
sha512: ba9cfc04d64f5be2b0547fc09e0ae36bfe43bb71a7ad9cff8346123ecd3c1e2ecfd04023dfd88a0d35bdd969379c49010e4261aad0af93df3a5d2b374a5f182c
ssdeep: 12288:Xr96EInk3MF8gkAMhgD1ZCutRnkZ2vN1BV1G3fF9c7YI7EVP:Z6fnk3WMibtRnkZMnqfF9c7YI7E
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T138F47D12B7E891B6F2F32B31AE7892515A7ABC719C35D64F33841A0D09B4980E975F33
sha3_384: 483c1e17f9601b68a71ebaf23444add8e509a23e056203053999c65bd138967956aae12b78a97496a7b1bfc1aa4dbe06
ep_bytes: e890c20000e97ffeffff3b0da0154500
timestamp: 2018-09-20 10:21:13


Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Bootstrapper for Single Installation
FileVersion: 19.8.20071.303822
InternalName: Setup.exe
LegalCopyright: Copyright © 2018 Adobe Systems Incorporated.  All rights reserved.
OriginalFilename: Setup.exe
ProductName: Bootstrapper Small
ProductVersion: 19.8.20071.303822
Translation: 0x0409 0x04e4

Application.Doina.63200 also known as:

CyrenCloudW32/Patched.GS.gen!Threatlookup
BkavW32.AIDetectMalware
LionicVirus.Win32.Senoval.n!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Application.Doina.63200
FireEyeGeneric.mg.f3e8a13dd39e434c
SkyhighBehavesLike.Win32.Backdoor.bc
ALYacGen:Variant.Application.Doina.63200
Cylanceunsafe
ZillyaTrojan.Patched.Win32.160300
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 005ab4bf1 )
AlibabaBackdoor:Win32/Doina.42b0f774
K7GWTrojan ( 005ab4bf1 )
CrowdStrikewin/malicious_confidence_100% (W)
ArcabitTrojan.Application.Doina.DF6E0
BitDefenderThetaAI:Packer.264338151F
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Patched.NKM
CynetMalicious (score: 100)
APEXMalicious
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Application.Doina.63200
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
AvastWin32:Patched-AWW [Trj]
TencentTrojan.Win32.Pathced_ya.16001052
Ad-AwareGen:Variant.Application.Doina.63200
EmsisoftGen:Variant.Application.Doina.63200 (B)
F-SecureTrojan.TR/Patched.Gen
DrWebWin32.Beetle.2
VIPREGen:Variant.Application.Doina.63200
TrendMicroTROJ_GEN.R002C0DIP23
SophosW32/Patched-CE
IkarusTrojan.Win32.Patched
VaristW32/Patched.GS.gen!Eldorado
AviraTR/Patched.Gen
Antiy-AVLTrojan/Win32.Patched
KingsoftWin32.Hack.Convagent.gen
MicrosoftTrojan:Win32/Doina.RPX!MTB
ZoneAlarmVirus.Win32.Senoval.a
GDataWin32.Trojan.PSE.11GD2R1
GoogleDetected
AhnLab-V3Malware/Win.Generic.R603715
McAfeeArtemis!F3E8A13DD39E
MAXmalware (ai score=100)
VBA32BScope.TrojanDownloader.Emotet
MalwarebytesGeneric.Malware/Suspicious
PandaTrj/Chgt.AC
TrendMicro-HouseCallTROJ_GEN.R002C0DIP23
RisingTrojan.Generic@AI.100 (RDML:L2uJD4+5/FXyWJVGMDQqdA)
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr
AVGWin32:Patched-AWW [Trj]
Cybereasonmalicious.deb9b0
DeepInstinctMALICIOUS

How to remove Application.Doina.63200?

Application.Doina.63200 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment