
CoinStealer.Spyware.Stealer.DDS removal instructions


CoinStealer.Spyware.Stealer.DDS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the CoinStealer.Spyware.Stealer.DDS virus do?

  • Authenticode signature is invalid
  • CAPE detected the Caliber malware family
  • Binary compilation timestomping detected

How to identify CoinStealer.Spyware.Stealer.DDS?


File Info:

name: 1B39D47EE17F79C7F2F2.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2097-08-08 16:53:01

Version Info:

Translation: 0x0000 0x04b0
Comments: 44 CALIBER
CompanyName: 44 CALIBER
FileDescription: 44 CALIBER
FileVersion: 1.6.2.0
InternalName: Insidious.exe
LegalCopyright: FuckTheSystem Copyright © 2021
LegalTrademarks:
OriginalFilename: Insidious.exe
ProductName: 44 CALIBER
ProductVersion: 1.6.2.0
Assembly Version: 1.6.2.0

CoinStealer.Spyware.Stealer.DDS also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.DataStealer.1.E7365DAA
FireEye: Generic.mg.1b39d47ee17f79c7
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
ALYac: Generic.DataStealer.1.E7365DAA
Zillya: Trojan.CoinStealer.Win32.3693
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Password-Stealer ( 005282e41 )
K7AntiVirus: Password-Stealer ( 005282e41 )
Arcabit: Generic.DataStealer.1.E7365DAA
VirIT: Trojan.Win32.GenusT.DIIL
Cyren: W32/CoinMiner.FA.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/PSW.CoinStealer.CC
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Datastealer-9856291-0
Kaspersky: HEUR:Trojan-PSW.MSIL.Stealer.gen
BitDefender: Generic.DataStealer.1.E7365DAA
BitDefenderTheta: Gen:NN.ZemsilF.36302.rm0@aipRyje
SUPERAntiSpyware: Trojan.Agent/Gen-Stealer
Avast: Win32:MalwareX-gen [Trj]
Tencent: Trojan-Spy.Win32.Stealer.16000599
Emsisoft: Trojan-PSW.Agent (A)
F-Secure: Heuristic.HEUR/AGEN.1307065
DrWeb: Trojan.PWS.StealerNET.76
VIPRE: Generic.DataStealer.1.E7365DAA
McAfee-GW-Edition: BehavesLike.Win32.Generic.dm
Sophos: Troj/Steal-CJF
Ikarus: Trojan.MSIL.PSW
Avira: HEUR/AGEN.1307065
Antiy-AVL: Trojan[PSW]/MSIL.CoinStealer
Microsoft: PWS:MSIL/Stealgen.GA!MTB
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Stealer.gen
GData: MSIL.Trojan-Stealer.CaliberStealer.B
Google: Detected
AhnLab-V3: Infostealer/Win.CALIBER.R513735
Acronis: suspicious
McAfee: GenericRXSG-XG!1B39D47EE17F
MAX: malware (ai score=82)
VBA32: Trojan.MSIL.InfoStealer.gen.D
Malwarebytes: CoinStealer.Spyware.Stealer.DDS
Panda: Trj/GdSda.A
Rising: Stealer.Agent!1.D483 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.RML!tr
AVG: Win32:MalwareX-gen [Trj]
Cybereason: malicious.ee17f7
DeepInstinct: MALICIOUS

How to remove CoinStealer.Spyware.Stealer.DDS?

CoinStealer.Spyware.Stealer.DDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
