How to remove “Doina.69082”?

Doina.69082 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Doina.69082 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities to create a scheduled task
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Deletes executed files from disk
  • Attempts to disable UAC
  • Attempts to modify Explorer settings to prevent file extensions from being displayed
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Uses suspicious command line tools or Windows utilities
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Doina.69082?


File Info:

name: D59DDE34F874E25B1F04.mlw
path: /opt/CAPEv2/storage/binaries/e607f0fa23e942ad0f68fadef46e1f524be373365be4f3676899503e2f6b65a5
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-01-06 00:36:08

Version Info:

0: [No Data]

Doina.69082 also known as:

Vendor             Detection
Bkav               W32.MosquitoQKB.Fam.Trojan
Lionic             Trojan.Win32.VirLock.4!c
Elastic            malicious (moderate confidence)
MicroWorld-eScan   Gen:Variant.Doina.69082
FireEye            Generic.mg.d59dde34f874e25b
Skyhigh            BehavesLike.Win32.PolyPatch.hc
Cylance            unsafe
Sangfor            Trojan.Win32.Save.a
K7AntiVirus        Virus ( 005662d71 )
K7GW               Virus ( 005662d71 )
Cybereason         malicious.4f874e
BitDefenderTheta   AI:Packer.1FB8F5301F
Symantec           ML.Attribute.HighConfidence
ESET-NOD32         a variant of Win32/Virlock.D
APEX               Malicious
Cynet              Malicious (score: 100)
BitDefender        Gen:Variant.Doina.69082
NANO-Antivirus     Trojan.Win32.Gena.doticp
Avast              Win32:VirLock-B [Trj]
Tencent            Win32.Virus.Virlock.Ssmw
TACHYON            Virus/W32.VirRansom
Sophos             W32/VirRnsm-C
F-Secure           Trojan.TR/Crypt.XPACK.Gen
DrWeb              Win32.VirLock.10
VIPRE              Gen:Variant.Doina.69082
Trapmine           malicious.moderate.ml.score
Emsisoft           Gen:Variant.Doina.69082 (B)
SentinelOne        Static AI – Malicious PE
GData              Gen:Variant.Doina.69082
Varist             W32/Virlock.N.gen!Eldorado
Avira              TR/Crypt.XPACK.Gen
Arcabit            Trojan.Doina.D10DDA
Microsoft          Virus:Win32/Nabucur.A
Google             Detected
Acronis            suspicious
VBA32              Virus.VirLock
ALYac              Gen:Variant.Doina.69082
MAX                malware (ai score=82)
Malwarebytes       Generic.Malware.AI.DDS
Panda              Generic Suspicious
Rising             Trojan.Generic@AI.100 (RDML:Yb6B/oHw3QAdVEBhAY8K9w)
Fortinet           W32/Virlock.D
AVG                Win32:VirLock-B [Trj]
DeepInstinct       MALICIOUS
CrowdStrike        win/malicious_confidence_90% (D)

How to remove Doina.69082?

Doina.69082 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.