About “Doina.66756” infection

The Doina.66756 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Doina.66756 virus can do?

Uses Windows utilities for basic functionality
Authenticode signature is invalid

How to determine Doina.66756?


File Info:
name: 6AB664EC770131E2FE9E.mlw
path: /opt/CAPEv2/storage/binaries/55ebdad934eb0f415cdd5682ebbe5602fffe4a2bea6d3c16d51d06e6a91f22f5
crc32: 1FDC9E87
md5: 6ab664ec770131e2fe9eaf4e026212b7
sha1: 9235a8823dd38b045e135ea430041dbddf1a3f7d
sha256: 55ebdad934eb0f415cdd5682ebbe5602fffe4a2bea6d3c16d51d06e6a91f22f5
sha512: 5c2a7dd81c9958b0346e672f56ddc8d5c5b753f5e829edf69677230b305b7f881ff21c3d1fefeb40a66e0581e9807931740f2fdff3f6022a750f8f5d86689598
ssdeep: 6144:Bs7Y7/1EUHEFWLB1YuA4SMmJTHTDtk1ExJh+AO9RC1v:Bsy/1EUHEFWLnYudSt+01v
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T125348D1078D1C472D972153609B8DBB54A7EBD200F20DAEB63D41B7ADE302D19A36B7B
sha3_384: 7b031399f0efddadb97e460a07d11b2bf2424880e2cdf137db743f4138e8ed4ef08a3a0363a3b6146aa6aec48accaf72
ep_bytes: e882040000e974feffff836104008bc1
timestamp: 2023-11-15 07:45:37

Version Info:
0: [No Data]

Doina.66756 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Doina.66756
FireEye	Gen:Variant.Doina.66756
Skyhigh	BehavesLike.Win32.BadFile.dh
ALYac	Gen:Variant.Doina.66756
Arcabit	Trojan.Doina.D104C4
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Spy.KeyLogger.RHY
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	VHO:Trojan-Dropper.Win32.Convagent.gen
BitDefender	Gen:Variant.Doina.66756
Avast	Win32:RATX-gen [Trj]
Tencent	Trojan-Spy.Win32.KeyLogger.kb
Emsisoft	Gen:Variant.Doina.66756 (B)
F-Secure	Trojan.TR/Spy.KeyLogger.wtwuf
VIPRE	Gen:Variant.Doina.66756
Trapmine	suspicious.low.ml.score
SentinelOne	Static AI – Suspicious PE
Varist	W32/Kryptik.LBC.gen!Eldorado
Avira	TR/Spy.KeyLogger.wtwuf
MAX	malware (ai score=85)
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	VHO:Trojan-Dropper.Win32.Convagent.gen
GData	Win32.Trojan.PSE.18CXD4
Google	Detected
McAfee	Artemis!6AB664EC7701
VBA32	BScope.Trojan.DarkComet
Rising	Trojan.Generic@AI.100 (RDML:H4HkRSzgqMnfmVp+KJo4tw)
Ikarus	Trojan-Spy.Win32.KeyLogger
Fortinet	W32/Agent.AFZV!tr
BitDefenderTheta	Gen:NN.ZexaF.36792.pqW@amwUoXm
AVG	Win32:RATX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Doina.66756?

Doina.66756 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X