Doina.46066 removal guide

The Doina.46066 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Doina.46066 virus can do?

Yara rule detections observed from a process memory dump/dropped files/CAPE
Authenticode signature is invalid
CAPE detected the RedLine malware family

How to determine Doina.46066?


File Info:
name: A751294ADBD646505858.mlw
path: /opt/CAPEv2/storage/binaries/9e869f4d4419dcfd90105276372935a017c56e35c357cdd0bfefbccbbec99543
crc32: 5B7A0570
md5: a751294adbd64650585844436c381490
sha1: 905618631ff844a143d373dcad8997bd5efa35ab
sha256: 9e869f4d4419dcfd90105276372935a017c56e35c357cdd0bfefbccbbec99543
sha512: 73eeea7776edf1d5c010f9634b0706a9ca5fed1f3a76696b887e5abc9e526a33c6892942533f5227f74cda743733c94557754ff89c9f1a32237a511c8f3a39f0
ssdeep: 6144:P4JhM3+JN5HlK2WvStSsk66ZivHz2x/j1Nv:+hMOf5FK2WvSjd6yHz2t
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T15E34AE53B080516DF1F6D1FC10E28391E33E9D7DAF9C158BEA7C0729A7140E2A674B9A
sha3_384: 725199381e2cf23aaca00833f2b088b267030723ff4165cdea2d816597c3cebc754834aeba60c7e8ef4361cc21bc2800
ep_bytes: e8f83d0000e9a4feffffcccccccccccc
timestamp: 2022-11-19 05:45:58

Version Info:
Comments: Generalist conclusion
CompanyName: Highwayman inordinately lunchers
FileDescription: Incites interposition eulogise naked arcadia friar
FileVersion: 1.278.118.6
InternalName: Predilections
LegalCopyright: Copyright © Tweaking spellbound clinching apology
LegalTrademarks: Obstruct lux prefabrication split atomicity
OriginalFilename: Parable beery
ProductName: Honors balmy
ProductVersion: 1.278.118.6
Translation: 0x081a 0x081a

Doina.46066 also known as:

Bkav	W32.AIDetect.malware2
Cylance	Unsafe
VIPRE	Gen:Variant.Doina.46066
CrowdStrike	win/malicious_confidence_90% (D)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/GenKryptik.GCNF
APEX	Malicious
Kaspersky	HEUR:Trojan-Spy.Win32.Stealer.gen
BitDefender	Gen:Variant.Doina.46066
MicroWorld-eScan	Gen:Variant.Doina.46066
Avast	Win32:PWSX-gen [Trj]
Ad-Aware	Gen:Variant.Doina.46066
Emsisoft	Gen:Variant.Doina.46066 (B)
DrWeb	Trojan.Siggen19.10023
Trapmine	suspicious.low.ml.score
FireEye	Generic.mg.a751294adbd64650
Sophos	ML/PE-A
Ikarus	Trojan.Win32.Crypt
MAX	malware (ai score=86)
Antiy-AVL	Trojan/Win32.GenKryptik
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Arcabit	Trojan.Doina.DB3F2
ZoneAlarm	HEUR:Trojan-Spy.Win32.Stealer.gen
GData	Gen:Variant.Doina.46066
Google	Detected
AhnLab-V3	Trojan/Win.PWSX-gen.R535119
ALYac	Gen:Variant.Doina.46066
VBA32	BScope.TrojanPSW.RedLine
Malwarebytes	Spyware.RedLineStealer
Rising	Backdoor.Agent!8.C5D (TFE:5:cmj1PAw89XR)
BitDefenderTheta	Gen:NN.ZexaE.34796.oq0@auHxB7hi
AVG	Win32:PWSX-gen [Trj]

How to remove Doina.46066?

Doina.46066 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X