BAT/DelSettings.C potentially unsafe removal

The BAT/DelSettings.C potentially unsafe detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the BAT/DelSettings.C potentially unsafe virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to determine BAT/DelSettings.C potentially unsafe?


File Info:

name: 6B698B89BC9E8A537351.mlw
path: /opt/CAPEv2/storage/binaries/da30fd1ef9747659f72b51fc9fb906026b153c5256d77aa6fe42c81d03ec1698
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-06-06 21:41:54

Version Info:

0: [No Data]

BAT/DelSettings.C potentially unsafe also known as:

Bkav: W32.Common.2DDA04C4
Skyhigh: BehavesLike.Win32.Dropper.tc
McAfee: Artemis!6B698B89BC9E
Cylance: unsafe
Zillya: Dropper.Clons.Win32.2897
VirIT: PUP.Win32.eCodeSky.A
ESET-NOD32: BAT/DelSettings.C potentially unsafe
ClamAV: Win.Trojan.Taskkill-2
DrWeb: Trojan.PWS.Banker1.20159
Trapmine: suspicious.low.ml.score
Google: Detected
Cynet: Malicious (score: 100)
VBA32: TrojanDropper.Clons

How to remove BAT/DelSettings.C potentially unsafe?

BAT/DelSettings.C potentially unsafe removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
