Malware

What is “Doina.55857”?

Malware Removal

The Doina.55857 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Doina.55857 virus can do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family

How to determine Doina.55857?



File Info:

name: 776568DE43BDB8C36AA8.mlw
path: /opt/CAPEv2/storage/binaries/7ddd4a6aeb8712a2330ea4019a0a7532ad7ae8af1fa426abd564636a4e306332
crc32: 3EC7E7CA
md5: 776568de43bdb8c36aa8860276d0edab
sha1: 8cec3f7b5cc6ab83a8362b4aaea8c295809eb38e
sha256: 7ddd4a6aeb8712a2330ea4019a0a7532ad7ae8af1fa426abd564636a4e306332
sha512: def50751f5b23e6c5f1d2e5b40f9ca9c9797b58b7345ccb6f4129d1d951702230350d6e0769eb35b5998d0497db56ad95d7f9e74e62638d17d24c95bd67f3f7e
ssdeep: 98304:y54xSL7FtU1VqsfOq9F4XiKtcNoCn/lCSMf0XwwU6uUfn:y54xS0iYOgOiKtcN/n/l60XPUsv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T124E50242A6B140B3C89782754B7D1B32697A7A615321C6C7F3DC5D190F623E0EA3A3E7
sha3_384: 2bfe1a18e51b333e675703f762cca4d0b96b09a05cec5ef48134bdcb13a78e405e68aa6a09c19ce2aa3966d62378cd1c
ep_bytes: e8615a0000e9000000006a1468b8436d
timestamp: 2023-04-05 11:48:39


Version Info:

CompanyName: The Chromium Authors
FileDescription: Chromium
FileVersion: 1.4.37.163
LegalCopyright: Copyright 2022 The Chromium Authors. All rights reserved
ProductName: Chromium
ProductVersion: 1.4.37.163
Translation: 0x0804 0x04b0

Doina.55857 also known as:

MicroWorld-eScanGen:Variant.Doina.55857
SkyhighArtemis!Trojan
Cylanceunsafe
ZillyaTrojan.AgentAGen.Win64.1345
K7GWRiskware ( 0040eff71 )
K7AntiVirusRiskware ( 0040eff71 )
ESET-NOD32a variant of Win32/Mingloa.K
CynetMalicious (score: 99)
BitDefenderGen:Variant.Doina.55857
TencentWin32.Trojan.ATRAPS.Aujl
EmsisoftGen:Variant.Doina.55857 (B)
F-SecureTrojan.TR/ATRAPS.Gen
VIPREGen:Variant.Doina.55857
TrendMicroTROJ_GEN.R002C0DDB24
IkarusTrojan.Win64.Agent
GDataGen:Variant.Doina.55857
VaristW32/Agent.FVY.gen!Eldorado
AviraTR/ATRAPS.Gen
ArcabitTrojan.Doina.DDA31
MicrosoftTrojan:Win32/Rootkit!MSR
GoogleDetected
McAfeeArtemis!776568DE43BD
MAXmalware (ai score=88)
VBA32BScope.Trojan.Wacatac
TrendMicro-HouseCallTROJ_GEN.R002C0DDB24
RisingRootkit.Hijacker!1.E450 (CLASSIC)
MaxSecureTrojan.Malware.208758003.susgen
FortinetW64/Agent_AGen.UP!tr
DeepInstinctMALICIOUS

How to remove Doina.55857?

Doina.55857 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment