Malware

About “Application.Doina.63200” infection

Malware Removal

The Application.Doina.63200 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Doina.63200 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Doina.63200?



File Info:

name: 0540EEB5B10C8E5AE1CA.mlw
path: /opt/CAPEv2/storage/binaries/0dcbc2488319bd5318f2d5a2a177223e4c0c3d3be7ac1ae9588a46b8fd2c44a0
crc32: 63CF31C9
md5: 0540eeb5b10c8e5ae1ca3e3911c69dd7
sha1: c64b9ba9e5e62bcc0cf9560a5c659913ee5a2e39
sha256: 0dcbc2488319bd5318f2d5a2a177223e4c0c3d3be7ac1ae9588a46b8fd2c44a0
sha512: 38441574f5bacac1cc8f96eeb60dbbec378c299a6cbb97bf4f93c27aace080da2f1a92ba94fa9ff8e227f38bc94b116e1143f642dace45a3b680afac022fa6db
ssdeep: 12288:iU1Uk8RWjeWgIghgD1ZCF11CPn3b7W3UqMKy21I:wkCWZgiSEvbi3HLy
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15EF48D0273FDA025F6F36B716E7992616A7BBC719D38C64E2380260D0DB4990DA75B33
sha3_384: 2b4519cafa3af86fca225a75ab64b45a830c708209823fba6bd46b8f984528ee1164bfefa9e591f137a74b38caf9c242
ep_bytes: e8d6780100e97ffeffff3b0da0154500
timestamp: 2018-09-20 16:18:15


Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Bootstrapper for Single Installation
FileVersion: 19.8.20071.303822
InternalName: Setup.exe
LegalCopyright: Copyright © 2018 Adobe Systems Incorporated.  All rights reserved.
OriginalFilename: Setup.exe
ProductName: Bootstrapper Small
ProductVersion: 19.8.20071.303822
Translation: 0x0409 0x04e4

Application.Doina.63200 also known as:

BkavW32.AIDetectMalware
LionicVirus.Win32.Senoval.n!c
Elasticmalicious (high confidence)
CynetMalicious (score: 100)
FireEyeGeneric.mg.0540eeb5b10c8e5a
SkyhighBehavesLike.Win32.Backdoor.bc
McAfeeArtemis!0540EEB5B10C
MalwarebytesGeneric.Malware/Suspicious
VIPREGen:Variant.Application.Doina.63200
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 005ab4bf1 )
AlibabaTrojan:Win32/Senoval.264100ee
K7GWTrojan ( 005ab4bf1 )
Cybereasonmalicious.9e5e62
ArcabitTrojan.Application.Doina.DF6E0
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Patched.NKM
APEXMalicious
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Application.Doina.63200
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
MicroWorld-eScanGen:Variant.Application.Doina.63200
AvastWin32:Patched-AWW [Trj]
TencentTrojan.Win32.Pathced_ya.16001052
SophosW32/Patched-CE
F-SecureTrojan.TR/Patched.Gen
DrWebWin32.Beetle.2
ZillyaTrojan.Patched.Win32.157013
TrendMicroTROJ_GEN.R002C0DLI23
EmsisoftGen:Variant.Application.Doina.63200 (B)
IkarusTrojan.Win32.Patched
VaristW32/Patched.GS.gen!Eldorado
AviraTR/Patched.Gen
Antiy-AVLTrojan/Win32.Patched
MicrosoftTrojan:Win32/Doina.RPX!MTB
ZoneAlarmVirus.Win32.Senoval.a
GDataWin32.Trojan.PSE.11GD2R1
GoogleDetected
AhnLab-V3Malware/Win.Generic.R603715
BitDefenderThetaAI:Packer.BF12FE091F
ALYacGen:Variant.Application.Doina.63200
MAXmalware (ai score=71)
VBA32BScope.TrojanDownloader.Emotet
Cylanceunsafe
PandaTrj/Chgt.AC
TrendMicro-HouseCallTROJ_GEN.R002C0DLI23
RisingTrojan.Generic@AI.100 (RDML:SYculSMpm0DjYsNRMiEsrQ)
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr
AVGWin32:Patched-AWW [Trj]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Application.Doina.63200?

Application.Doina.63200 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment