
What is “Doina.60575”?


The Doina.60575 detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Doina.60575 virus do?

  • Sample contains Overlay data
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Doina.60575?

File Info:

name: 9187488E87846DC36EF8.mlw
path: /opt/CAPEv2/storage/binaries/088f3358c990358fa34e7a53a0f3f86a2020c4c5d823879dd8a3236ce9ac2f92
crc32: E6BDDD53
md5: 9187488e87846dc36ef84ed851896d1c
sha1: ba224137a3bdccf9ff4a8d0969efb8cbf6f73969
sha256: 088f3358c990358fa34e7a53a0f3f86a2020c4c5d823879dd8a3236ce9ac2f92
sha512: d57dd8d05695c8309e723ca24c9c0ae36940c173f021a4ee20aa34ffcd6093a4a23a2d01a221430c56ccde89e20ac42325fe5bea684ba071d45608bde357ace9
ssdeep: 12288:b1p6fvmpIV3CHyixmGmTnT1GFsxtIgJTAtJlEF2mXxGkgZYhBu0wQ:RAfiIVSHyiiFGFsUgJTArlwJXkkNVwQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E7F458213B8C8422F473133065F5A666496DBC2D1A6CDF8F5290BBE5EBF13EB5522207
sha3_384: 46c65494ad72196ed37994ffb98e619892447064e6ede96d2727857bec6dc7bd20f17ac517dd372a7b7a64ad2b54c8b1
ep_bytes: e8612a0000e989feffff8bff558bec83
timestamp: 2015-02-10 08:19:47

Version Info:

CompanyName: Sogou.com Inc.
FileDescription: 搜狗高速下载助手安装包
FileVersion: 2.0.5.11
InternalName: MiniDownLoad.exe
LegalCopyright: © 2014 Sogou.com Inc. All rights reserved.
OriginalFilename: MiniDownLoad.exe
ProductName: 搜狗高速下载助手
ProductVersion: 2.0.5.11
Translation: 0x0804 0x04b0

Doina.60575 also known as:

Bkav: W32.AIDetectMalware
MicroWorld-eScan: Gen:Variant.Doina.60575
FireEye: Gen:Variant.Doina.60575
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Gen:Variant.Doina.60575
K7AntiVirus: Adware ( 004ccd0a1 )
K7GW: Adware ( 004ccd0a1 )
VirIT: PUP.Win32.Beijing.M
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Downloader.Sogou.AA potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:Downloader.Win32.SogouLoad.gen
BitDefender: Gen:Variant.Doina.60575
NANO-Antivirus: Trojan.Nsis.TrjGen.dytyer
Emsisoft: Gen:Variant.Doina.60575 (B)
DrWeb: BackDoor.Gbot.2833
Zillya: Downloader.Genome.Win32.60189
Sophos: Generic ML PUA (PUA)
GData: Gen:Variant.Doina.60575
Antiy-AVL: RiskWare[Downloader]/Win32.Sogou
Arcabit: Trojan.Doina.DEC9F
ZoneAlarm: not-a-virus:HEUR:Downloader.Win32.SogouLoad.gen
ALYac: Gen:Variant.Doina.60575
MAX: malware (ai score=80)
Rising: Trojan.Generic@AI.95 (RDMK:O5EvmHiBGHw27MQk4E5AlQ)
Yandex: Trojan.GenAsa!MM2U8fzi9lM
CrowdStrike: win/grayware_confidence_100% (D)

How to remove Doina.60575?

Doina.60575 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
