Application.Tool.Camerashy.A (file analysis)

Application.Tool.Camerashy.A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Application.Tool.Camerashy.A virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the embedded pe malware family
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Application.Tool.Camerashy.A?


File Info:

name: 0D64171D0669DACAC2C6.mlw
path: /opt/CAPEv2/storage/binaries/7f535aeb3654aab46d6e35aad8a4e7ac36ebd7d099467bc453cd64c7071cf0a5
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: Hacktivismo!
FileDescription: Browser
FileVersion: 0.2.23.1
InternalName: CS
LegalCopyright: 2002 Hacktivismo
LegalTrademarks: Camera/Shy, Hacking, Elite, 37337
OriginalFilename: CameraShy.exe
ProductName: Camera/Shy
ProductVersion: 0.2.21.1
Comments: Listen to the Wind
Translation: 0x0409 0x04e4

Application.Tool.Camerashy.A also known as:

Bkav: W32.Common.C631FFF6
MicroWorld-eScan: Application.Tool.Camerashy.A
FireEye: Application.Tool.Camerashy.A
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Tool.Win32.Agent.Vmpk
APEX: Malicious
Avast: Win32:Malware-gen
BitDefender: Application.Tool.Camerashy.A
Paloalto: generic.ml
Webroot: W32.Malware.Gen
Google: Detected
Varist: W32/Risk.WYQZ-7814
Xcitium: ApplicUnwnt@#fo7lg84klbf6
Arcabit: Application.Tool.Camerashy.A
GData: Application.Tool.Camerashy.A
ALYac: Application.Tool.Camerashy.A
Panda: Generic Malware
Rising: Trojan.Win32.Generic.135C798D (C64:YzY0OrCyGrTHxcVR)
MaxSecure: Trojan.Malware.10988686.susgen
Fortinet: Riskware/Application
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
alibabacloud: HackTool:Win/Camerashy.A

How to remove Application.Tool.Camerashy.A?

Application.Tool.Camerashy.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
