Malware

About “Application.Doina.63200” infection

Malware Removal

The Application.Doina.63200 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Doina.63200 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Doina.63200?



File Info:

name: 70594C45783B94F6AFC2.mlw
path: /opt/CAPEv2/storage/binaries/6060a4e4679ba54ed3911bdfbce0bb662b3f58ef2b434aea701626696ec60627
crc32: 84592D5F
md5: 70594c45783b94f6afc262cc51cf7d2c
sha1: 1028ff183aefdbd2f15fd5e1d5def52292a68f57
sha256: 6060a4e4679ba54ed3911bdfbce0bb662b3f58ef2b434aea701626696ec60627
sha512: 644e2bead403e570274c77a156b21c1bc4f3aba1767abd6b4feae04b2bfe5e89084e6bc6ae5270a3ab25c0a49a4898eb73d562110e30cd16c407cbb82d5e32d7
ssdeep: 12288:h4bvLU3jQUGfb2DCHyVIg7VRrmiK4Tsgm/rT1u8gL46S96Ny8B7fdFm6k:KbDdyVI0VRrmibTfcT1u8k4kNn4
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12305CF20B9D18036C2B3B831153DF2B669EE79310931569E93CD0B759F309D2AB2967F
sha3_384: e66c0c7a643da27e63838401f8a39e7fb5c94d155b260fba0cc2044ee572bd9360be3a60051ef7b491d6054ce4a44643
ep_bytes: e8819b0200e95cfeffff558beca104c0
timestamp: 2016-12-13 16:58:34


Version Info:

0: [No Data]

Application.Doina.63200 also known as:

CyrenCloudW32/Convagent.DX.gen!Threatlookup
BkavW32.AIDetectMalware
LionicVirus.Win32.Convagent.n!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Application.Doina.63200
FireEyeGeneric.mg.70594c45783b94f6
CAT-QuickHealTrojan.IgenericPMF.S31016184
SkyhighBehavesLike.Win32.Generic.bc
ALYacGen:Variant.Application.Doina.63200
MalwarebytesGeneric.Malware/Suspicious
ZillyaBackdoor.Convagent.Win32.6742
SangforTrojan.Win32.Patched.Vg1d
K7AntiVirusTrojan ( 005ab4bf1 )
AlibabaTrojanDropper:Win32/Convagent.ce11a2e9
K7GWTrojan ( 005ab4bf1 )
ArcabitTrojan.Application.Doina.DF6E0
BitDefenderThetaAI:Packer.3477BA271E
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Patched.NKM
CynetMalicious (score: 100)
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Application.Doina.63200
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
SUPERAntiSpywareTrojan.Agent/Gen-Crypt
AvastWin32:Patched-AWW [Trj]
TencentTrojan.Win32.Pathced_ya.16001052
Ad-AwareGen:Variant.Application.Doina.63200
EmsisoftGen:Variant.Application.Doina.63200 (B)
F-SecureTrojan.TR/Patched.Gen
VIPREGen:Variant.Application.Doina.63200
TrendMicroTROJ_GEN.R002C0DIN23
Trapminemalicious.moderate.ml.score
SophosW32/Patched-CE
JiangminTrojanDropper.Agent.grrg
VaristW32/Convagent.DX.gen!Eldorado
AviraTR/Patched.Gen
Antiy-AVLTrojan/Win32.GenKryptik
MicrosoftTrojan:Win32/Convagent.AI!MTB
ZoneAlarmVirus.Win32.Senoval.a
GDataGen:Variant.Application.Doina.63200
GoogleDetected
AhnLab-V3Malware/Win.Generic.C5481766
McAfeeGenericRXAA-AA!70594C45783B
MAXmalware (ai score=73)
VBA32BScope.TrojanDownloader.Emotet
Cylanceunsafe
PandaTrj/Genetic.gen
TrendMicro-HouseCallTROJ_GEN.R002C0DIN23
RisingTrojan.Generic@AI.100 (RDML:OyfsbKzB8LbWEMbs6vpnYQ)
IkarusTrojan.Win32.Krypt
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr
AVGWin32:Patched-AWW [Trj]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_60% (W)

How to remove Application.Doina.63200?

Application.Doina.63200 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment