Downloader.73 removal

Downloader.73 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Downloader.73 virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Downloader.73?


File Info:

name: 27365F1F88C3358E465F.mlw
path: /opt/CAPEv2/storage/binaries/cf52d86eb9d698205a1ee94f8c3bf6822330d7e17e8a9ffb91648752e81a3b2e
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-12-08 09:24:13

Version Info:

0: [No Data]

Downloader.73 also known as:

Elastic: malicious (moderate confidence)
DrWeb: Trojan.DownLoad2.19313
MicroWorld-eScan: Gen:Variant.Downloader.73
ClamAV: Win.Downloader.Fosniw-9931292-0
FireEye: Generic.mg.27365f1f88c3358e
CAT-QuickHeal: Trojan.Emotet.MUE.A5
McAfee: GenericRXAA-AA!27365F1F88C3
Zillya: Downloader.Small.Win32.31933
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 0051b67e1 )
K7GW: Trojan-Downloader ( 0051b67e1 )
CrowdStrike: win/malicious_confidence_90% (D)
BitDefenderTheta: AI:Packer.8B3E815A1E
VirIT: Trojan.Win32.Generic.AXZF
Cyren: W32/Downloader.BT.gen!Eldorado
Symantec: W32.Palevo
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/TrojanDownloader.Fosniw.AU
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Downloader.73
NANO-Antivirus: Trojan.Win32.Small.cdwdb
Avast: Win32:Fosniw-C [Trj]
Tencent: Win32.Trojan.Generic.Ocnw
Emsisoft: Gen:Variant.Downloader.73 (B)
F-Secure: Trojan.TR/Dldr.Fosniw.BA
Baidu: Win32.Trojan-Downloader.Fosniw.a
VIPRE: Gen:Variant.Downloader.73
TrendMicro: WORM_PALEVO.SMCB
McAfee-GW-Edition: BehavesLike.Win32.Generic.pc
Trapmine: malicious.high.ml.score
Sophos: Troj/Fosniw-F
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Downloader.73
Jiangmin: TrojanDownloader.Small.amfi
Webroot: W32.Trojan.Gen
Avira: TR/Dldr.Fosniw.BA
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Win32.Unknown
Xcitium: TrojWare.Win32.TrojanDownloader.Small.fos@2mnb1g
Arcabit: Trojan.Downloader.73
ViRobot: Trojan.Win32.A.Downloader.45056.MR
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Winsoft.R1521
ALYac: Gen:Variant.Downloader.73
VBA32: BScope.Trojan.Download
Cylance: unsafe
Panda: Trj/CI.A
TrendMicro-HouseCall: WORM_PALEVO.SMCB
Rising: Downloader.Fosniw!8.9DA (CLOUD)
Yandex: Trojan.GenAsa!wmJzewrZ7/A
Ikarus: Trojan-Dropper.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.N!tr
AVG: Win32:Fosniw-C [Trj]
DeepInstinct: MALICIOUS

How to remove Downloader.73?

Downloader.73 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
