Malware

Should I remove “Application.Doina.63200”?

Malware Removal

The Application.Doina.63200 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Doina.63200 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Doina.63200?



File Info:

name: B36CEE145D99529C5DE1.mlw
path: /opt/CAPEv2/storage/binaries/c78de114776067a1ba46cd850611002f374cbac29bce77c8e3cccfb91525a065
crc32: 4D446D1D
md5: b36cee145d99529c5de18d30c29f03db
sha1: b9e64b76fabaddc50ed4ed9570b6d0443897bc94
sha256: c78de114776067a1ba46cd850611002f374cbac29bce77c8e3cccfb91525a065
sha512: 66419623919ad343facd983fc2bdb254b2cd307806ca1980e93c5722d619862b5a92a5d47a90eb1f4d97aecfbebfe88edaabd61378995a50a4b0ff6c51dcd3f3
ssdeep: 12288:6C6XkWNJZdDehgD1ZC5ynPRYqN6mz8T9kankIeZ:2kWjeifPqqNPz8SanfeZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D7F47D02B3F89135F2F31B35AEB552615ABABC729D35D60F23D41A0C49B0990EA75B33
sha3_384: bb461e3bd89684f3b745572e30456824b8a364ae0ae47c888efcff863f45b45f8495e1a6457fb8bc74c996e609bcbec7
ep_bytes: e8afcdfeffe97ffeffff3b0da0154500
timestamp: 2018-09-20 19:17:30


Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Bootstrapper for Single Installation
FileVersion: 19.8.20071.303822
InternalName: Setup.exe
LegalCopyright: Copyright © 2018 Adobe Systems Incorporated.  All rights reserved.
OriginalFilename: Setup.exe
ProductName: Bootstrapper Small
ProductVersion: 19.8.20071.303822
Translation: 0x0409 0x04e4

Application.Doina.63200 also known as:

BkavW32.AIDetectMalware
LionicVirus.Win32.Senoval.n!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Application.Doina.63200
FireEyeGeneric.mg.b36cee145d99529c
SkyhighBehavesLike.Win32.Backdoor.bc
ALYacGen:Variant.Application.Doina.63200
Cylanceunsafe
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 005ab4bf1 )
AlibabaTrojan:Win32/Senoval.264100ee
K7GWTrojan ( 005ab4bf1 )
CrowdStrikewin/malicious_confidence_100% (W)
ArcabitTrojan.Application.Doina.DF6E0
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Patched.NKM
CynetMalicious (score: 100)
APEXMalicious
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Application.Doina.63200
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
AvastWin32:Patched-AWW [Trj]
TencentTrojan.Win32.Pathced_ya.16001052
SophosW32/Patched-CE
DrWebWin32.Beetle.2
VIPREGen:Variant.Application.Doina.63200
TrendMicroTROJ_GEN.R002C0DLI23
EmsisoftGen:Variant.Application.Doina.63200 (B)
VaristW32/Patched.GS.gen!Eldorado
Antiy-AVLTrojan/Win32.Patched
MicrosoftTrojan:Win32/Doina.RPX!MTB
ZoneAlarmVirus.Win32.Senoval.a
GDataWin32.Trojan.PSE.11GD2R1
GoogleDetected
AhnLab-V3Malware/Win.Generic.R603715
McAfeeRDN/Generic PUP.x
MAXmalware (ai score=71)
VBA32BScope.TrojanDownloader.Emotet
MalwarebytesGeneric.Malware/Suspicious
TrendMicro-HouseCallTROJ_GEN.R002C0DLI23
RisingTrojan.Generic@AI.100 (RDML:Uo0QrHy7oaE6Prt8dYh6pA)
IkarusTrojan.Win32.Patched
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr
BitDefenderThetaAI:Packer.C7289D511F
AVGWin32:Patched-AWW [Trj]
Cybereasonmalicious.6fabad
DeepInstinctMALICIOUS

How to remove Application.Doina.63200?

Application.Doina.63200 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment