Doina.15006 removal

Doina.15006 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Doina.15006 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Doina.15006?


File Info:

name: 7C0EB92A2BF7569C45C4.mlw
path: /opt/CAPEv2/storage/binaries/daab12fbfdf3fe4ecef6644d74c207d90eee3edb65168d68c183a10e710a53d8
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-03-01 13:24:00

Version Info:

Translation: 0x0409 0x04b0
ProductName: proTymTin
FileVersion: 1.00
ProductVersion: 1.00
InternalName: kl_worldc
OriginalFilename: kl_worldc.exe

Doina.15006 also known as:

Lionic: Trojan.Win32.Convagent.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Doina.15006
FireEye: Generic.mg.7c0eb92a2bf7569c
ALYac: Gen:Variant.Doina.15006
Cylance: Unsafe
VIPRE: Gen:Variant.Doina.15006
Sangfor: Spyware.Win32.Agent.Vvx4
K7AntiVirus: Spyware ( 0047dd301 )
Alibaba: TrojanSpy:Win32/APosT.24ad00a2
K7GW: Spyware ( 0047dd301 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: AI:Packer.A55E517220
Symantec: Trojan.Gen.MBT
ESET-NOD32: Win32/Spy.KeyLogger.NZL
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packed.Agen-7666161-0
Kaspersky: Trojan.Win32.APosT.vom
BitDefender: Gen:Variant.Doina.15006
NANO-Antivirus: Trojan.Win32.VBKrypt.fbgefz
ViRobot: Trojan.Win32.Z.Vbkrypt.171240
Avast: Win32:KeyloggerX-gen [Trj]
Tencent: Malware.Win32.Gencirc.114b40e7
Ad-Aware: Gen:Variant.Doina.15006
Emsisoft: Gen:Variant.Doina.15006 (B)
Zillya: Trojan.Keylogger.Win32.70192
TrendMicro: TROJ_GEN.R002C0PGP22
McAfee-GW-Edition: BackDoor-FHW
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Turla
GData: Gen:Variant.Doina.15006
Jiangmin: Trojan/VBKrypt.hxed
Google: Detected
Avira: TR/Dropper.Gen
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Generic.ASMalwS.39
Arcabit: Trojan.Doina.D3A9E
ZoneAlarm: Trojan.Win32.APosT.vom
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.KeyLogger.C245031
McAfee: BackDoor-FHW
VBA32: Trojan.VBKrypt
Malwarebytes: Malware.AI.659684166
TrendMicro-HouseCall: TROJ_GEN.R002C0PGP22
Rising: Spyware.KeyLogger!8.12F (CLOUD)
Yandex: Trojan.GenAsa!gNoFo9M3O64
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/KeyLogger.NZL!tr.spy
AVG: Win32:KeyloggerX-gen [Trj]
Cybereason: malicious.a2bf75

How to remove Doina.15006?

Doina.15006 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
