
Application.Doina.63200 information


Application.Doina.63200 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Application.Doina.63200 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Detects Bochs through the presence of a registry key
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Application.Doina.63200?


File Info:

name: 2C3E2F62D855A5C77CB9.mlw
path: /opt/CAPEv2/storage/binaries/84e82832e41ec8da841a88d9664512d586c621b41b239d1b7b4525d666e2b7e7
crc32: 4851137E
md5: 2c3e2f62d855a5c77cb9efbb32559292
sha1: 82926def39f05c7649e6814bfd1a2a4bd243c91a
sha256: 84e82832e41ec8da841a88d9664512d586c621b41b239d1b7b4525d666e2b7e7
sha512: 187769add56f9b78606509aed98caf1e9e31e209d0d027872cdbb7ff8fed7f1414f2896cdaf164314eb7355171a4fb01855dab14649fa7c91eee5140275a4cfe
ssdeep: 49152:w5qP/pxMa2Bg1YFO2RlvEKJJMzHRX4hJ387UJHcvpH:EQ/BYFOQFEA9SRB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BF955C1177E95A29F1FB2B31AE7852644A7B7C719F31C7CF12801A5E2934AC09936B33
sha3_384: d8eb3b0d7548804605545f87621e5104e2ac96f96120614e73481e0beea2ef38c0b85b4778ecc07fe6cabb5a964526f3
ep_bytes: e8c50d0000e978feffff3b0d54055100
timestamp: 2022-09-27 03:14:05

Version Info:

CompanyName: Adobe Inc.
FileDescription: Adobe Reader and Acrobat Manager
FileVersion: 1.824.460.1032
InternalName: AdobeARM.exe
LegalCopyright: Copyright © 2020 Adobe Inc. All rights reserved.
OriginalFilename: AdobeARM.exe
ProductName: Adobe Reader and Acrobat Manager
ProductVersion: 1.824.460.1032
Translation: 0x0409 0x04e4

Application.Doina.63200 also known as:

Bkav: W32.AIDetectMalware
Lionic: Virus.Win32.Senoval.n!c
MicroWorld-eScan: Gen:Variant.Application.Doina.63200
FireEye: Generic.mg.2c3e2f62d855a5c7
CAT-QuickHeal: Trojan.Doina
Skyhigh: BehavesLike.Win32.Dropper.th
McAfee: Artemis!2C3E2F62D855
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ad28b1 )
Alibaba: Trojan:Win32/Senoval.33e558b8
K7GW: Trojan ( 005ad28b1 )
Arcabit: Trojan.Application.Doina.DF6E0
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Patched.NKM
Cynet: Malicious (score: 100)
Kaspersky: Virus.Win32.Senoval.a
BitDefender: Gen:Variant.Application.Doina.63200
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Patched-AWW [Trj]
Tencent: Trojan.Win32.Pathced_ya.16001052
Emsisoft: Gen:Variant.Application.Doina.63200 (B)
F-Secure: Trojan.TR/Patched.Gen
DrWeb: Win32.Beetle.2
VIPRE: Gen:Variant.Application.Doina.63200
TrendMicro: TROJ_GEN.R002C0DLH23
Trapmine: malicious.high.ml.score
Sophos: W32/Patched-CE
Ikarus: Trojan.Win32.Patched
Google: Detected
Avira: TR/Patched.Gen
Antiy-AVL: Trojan/Win32.Patched
Microsoft: Trojan:Win32/Doina.RPX!MTB
ZoneAlarm: Virus.Win32.Senoval.a
GData: Gen:Variant.Application.Doina.63200
Varist: W32/Patched.GQ1.gen!Eldorado
AhnLab-V3: Malware/Win.Generic.C5492883
BitDefenderTheta: AI:Packer.B6A929C31F
ALYac: Gen:Variant.Application.Doina.63200
MAX: malware (ai score=77)
VBA32: BScope.TrojanDownloader.Emotet
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DLH23
Rising: Trojan.Generic@AI.100 (RDML:UDSnB9Dbs3orxdkvrkSPAA)
Fortinet: W32/Patched.IP!tr
AVG: Win32:Patched-AWW [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Application.Doina.63200?

Application.Doina.63200 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
