Malware

What is “Application.Doina.63200”?

Malware Removal

The Application.Doina.63200 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Doina.63200 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Doina.63200?



File Info:

name: 555975F8189F281222B8.mlw
path: /opt/CAPEv2/storage/binaries/b26fa40adcdb1410171361b0db975a0343eeebc8523af58f222f1314615b5b64
crc32: AE75A9A5
md5: 555975f8189f281222b8e975e457c7c0
sha1: a3d274e7f801aaaec1fc8453dc4443043e5e419a
sha256: b26fa40adcdb1410171361b0db975a0343eeebc8523af58f222f1314615b5b64
sha512: e45df4c9ae5f451faf20b9363b95b0fd87fd00cc3ccc50fc176df962e9691780163eae3455769d654e030f96ce9a63b1ed1c7caed76ab6b6143a38976ade50c2
ssdeep: 12288:eeY12ekejPMQrp98eoU92U1Vhq33vUN3GEHb6ERJ7NyekGo/WR6r09PFK0i:G1djPMQrp98BU9wc3Giz7NyQ0r05g0i
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11205AF33A4654022E1F10277BE28A2306D2CAF381755D4BEE6D4BD1D6EF84D16BBB253
sha3_384: 799977704aa8dbf72f19529c3e21e3887fe9637e22713e1b61f7775d433c4c3a12f9e677278a9a52e7054babb181428a
ep_bytes: e81a050000e98efeffff8b4424088b4c
timestamp: 2017-11-18 16:39:11


Version Info:

CompanyName: Python Software Foundation
FileDescription: Python 3.9.2 (64-bit)
FileVersion: 3.9.2150.0
InternalName: setup
LegalCopyright: Copyright (c) Python Software Foundation. All rights reserved.
OriginalFilename: python-3.9.2-amd64.exe
ProductName: Python 3.9.2 (64-bit)
ProductVersion: 3.9.2150.0
Translation: 0x0409 0x04e4

Application.Doina.63200 also known as:

BkavW32.AIDetectMalware
LionicVirus.Win32.Senoval.n!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Application.Doina.63200
FireEyeGeneric.mg.555975f8189f2812
SkyhighBehavesLike.Win32.Idtsys.cc
McAfeeArtemis!555975F8189F
Cylanceunsafe
SangforTrojan.Win32.Patched.Vepp
K7AntiVirusTrojan ( 005ad28b1 )
AlibabaVirus:Win32/Senoval.e3a8133a
K7GWTrojan ( 005ad28b1 )
ArcabitTrojan.Application.Doina.DF6E0
BitDefenderThetaAI:Packer.71667E551F
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Patched.NKM
CynetMalicious (score: 100)
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Application.Doina.63200
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
AvastWin32:Patched-AWW [Trj]
TencentTrojan.Win32.Pathced_ya.16001052
EmsisoftGen:Variant.Application.Doina.63200 (B)
F-SecureTrojan.TR/Patched.Gen
DrWebWin32.Beetle.2
VIPREGen:Variant.Application.Doina.63200
Trapminemalicious.high.ml.score
SophosMal/Generic-S
IkarusTrojan.Win32.Patched
GoogleDetected
AviraTR/Patched.Gen
Antiy-AVLTrojan[Backdoor]/Win32.Convagent
MicrosoftTrojan:Win32/Wacatac.B!ml
ZoneAlarmVirus.Win32.Senoval.a
GDataWin32.Trojan.PSE.12WYU30
VaristW32/Convagent.DP.gen!Eldorado
AhnLab-V3Trojan/Win.Generic.C5481517
ALYacGen:Variant.Application.Doina.63200
MAXmalware (ai score=72)
MalwarebytesGeneric.Malware/Suspicious
PandaTrj/Genetic.gen
RisingTrojan.Generic@AI.100 (RDML:oEiPDM7TECO7AesDU00u5w)
SentinelOneStatic AI – Suspicious PE
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr
AVGWin32:Patched-AWW [Trj]
DeepInstinctMALICIOUS

How to remove Application.Doina.63200?

Application.Doina.63200 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment