BlackBone (PUA) (file analysis)

BlackBone (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the BlackBone (PUA) virus do?

  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify BlackBone (PUA)?


File Info:

name: 810C5C12704B3FE43312.mlw
path: /opt/CAPEv2/storage/binaries/2ba0a13ca1d6152ca856fcc8f27a520b8b03d12cbf0d2c52adf8ac39d27868a7
crc32: BE8C914B
md5: 810c5c12704b3fe4331278be9ca57b26
sha1: ec6cd15f2f0f10a79e63feb435b7d1089d59b180
sha256: 2ba0a13ca1d6152ca856fcc8f27a520b8b03d12cbf0d2c52adf8ac39d27868a7
sha512: 4f1ebaa19834d370dbf61cfcd604eb8366fc249b1f233c2b7d44b6aae9303392e909ae1345899dcd9151c8c2f27e00662d5c1eacfe3f72a1b22e115410127c34
ssdeep: 3072:j+xYCQgzj+l+0pNjNc8eJT4s9965eQCQ0e78ry6C9p:j+xDQIjW+0pNj0O78ry6+p
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T114B37C4A636C41E8C167E139D6D6496ADBF17806072283EF0B50864B1FBBFF0997E346
sha3_384: 02fc533e63255a796e3b52adb9cef9cf06c71bb68b617f313f0434ebd650c14a80d66cfb7f5c2392f34eff11c5012b45
ep_bytes: 48895c2408574883ec20488bda488bf9
timestamp: 2017-10-25 09:54:12

Version Info:

0: [No Data]

BlackBone (PUA) also known as:

Lionic: Riskware.Win32.BlackBone.1!c
Zillya: Tool.Inject.Win64.98
K7AntiVirus: Unwanted-Program ( 00543ac01 )
K7GW: Unwanted-Program ( 00543ac01 )
Cybereason: malicious.2704b3
ESET-NOD32: a variant of Win64/Riskware.HackTool.BlackBone.A
APEX: Malicious
McAfee-GW-Edition: Artemis!PUP
Sophos: BlackBone (PUA)
GData: Win64.Riskware.BlackBone.A
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!810C5C12704B
Malwarebytes: Malware.AI.2458669738
Rising: HackTool.BlackBone!1.D7EA (CLASSIC)
Yandex: Trojan.GenAsa!Dy98Iqt8TmE
Fortinet: Riskware/HackTool_BlackBone

How to remove BlackBone (PUA)?

BlackBone (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
