
About “Download Studio (PUA)” infection


Download Studio (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Download Studio (PUA) virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image

How to identify Download Studio (PUA)?


File Info:

name: 151D231572795D683CB7.mlw
path: /opt/CAPEv2/storage/binaries/8e456ae459cc8d818a3a72e68cd6a53346c0733d9e538098d0187e6acee3e8f5
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: 81ecd40200005356576a205f33db6801
timestamp: 2021-07-24 22:19:26

Version Info:

CompanyName: Download Studio Project
FileDescription: Download Studio Setup
FileVersion: 1.17.0.0
LegalCopyright: 2021 (c) Download Studio Project
ProductName: Download Studio
ProductVersion: 1.17.0.0
Translation: 0x04b0 0x04b0

Download Studio (PUA) also known as:

Lionic: Riskware.Win32.DStudio.1!c
MicroWorld-eScan: Gen:Variant.Ser.Bulz.680
FireEye: Gen:Variant.Ser.Bulz.680
McAfee: DStudio-IFA
Cylance: Unsafe
Zillya: Trojan.GenCBL.Win32.1879
Sangfor: PUP.Win32.DStudio.gen
K7GW: Adware ( 005817161 )
K7AntiVirus: Adware ( 005817161 )
Cyren: W32/Trojan.QVAD-7113
ESET-NOD32: a variant of Win32/GenCBL.AYU
Kaspersky: not-a-virus:HEUR:Downloader.Win32.DStudio.gen
BitDefender: Gen:Variant.Ser.Bulz.680
SUPERAntiSpyware: PUP.Downloader/Variant
Ad-Aware: Gen:Variant.Ser.Bulz.680
Emsisoft: Application.Downloader (A)
DrWeb: Adware.Downware.19959
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PL921
McAfee-GW-Edition: DStudio-IFA
Sophos: Download Studio (PUA)
GData: Gen:Variant.Ser.Bulz.680
Avira: HEUR/AGEN.1145138
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
VBA32: Downloader.DStudio
ALYac: Gen:Variant.Ser.Bulz.680
MAX: malware (ai score=88)
Malwarebytes: PUP.Optional.DStudio
TrendMicro-HouseCall: TROJ_GEN.R002C0PL921
Fortinet: Adware/DStudio
MaxSecure: Downloader.Downloader.DStudio.gen_214780

How to remove Download Studio (PUA)?

Download Studio (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
