
What is “Downloader.Win32.Gamini.tk”?


Many security experts consider Downloader.Win32.Gamini.tk dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Downloader.Win32.Gamini.tk virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it

Related domains:

z.whorecord.xyz
reqbus.ru
a.tomx.xyz
get.adobe.com
ssl.google-analytics.com

How to identify Downloader.Win32.Gamini.tk?


File Info:

crc32: EA7A108F
md5: 10def62a93066dcd3d5ceedb3bf4a5ed
name: flashplayer.exe
sha1: 94dea25c37762639607652ac58a076deff7cada6
sha256: c83ce71b4bc0f0c2893510504a6ee2de9a08136614da8bc0209a78f75e8b14c7
sha512: 2ffd52f038400b168b4cf779975e9fb040280542d8b8cba1ac3658e3d2f45be600651bf9745717a797278b3a6a0c70da923752ffee369efe953ca1f0400b5541
ssdeep: 196608:Q//TEUowALgh1LghTLghJB0Bz/NrCu0RRXUHpVM/qWmXuZVUfHW8Smionbo6sQ:Or5VhyhIhJB0BTNrCuuXUHXMSTXseR+k
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName:
Comments: This installation was built with Inno Setup.
ProductName: Adobe Flash Player
ProductVersion:
FileDescription: Adobe Flash Player Setup (r16)
Translation: 0x0000 0x04b0

Downloader.Win32.Gamini.tk is also known as:

Bkav: W32.AIDetectVM.malware2
CAT-QuickHeal: Trojan.Riskware
McAfee: Artemis!10DEF62A9306
Cylance: Unsafe
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
K7GW: Riskware ( 0040eff71 )
Cyren: W32/Trojan.EFBX-0795
Kaspersky: not-a-virus:Downloader.Win32.Gamini.tk
Alibaba: Downloader:Win32/Gamini.a13edc24
AegisLab: Riskware.Win32.Gamini.1!c
McAfee-GW-Edition: Artemis!Trojan
Ikarus: Trojan-Downloader.Banload
ZoneAlarm: not-a-virus:Downloader.Win32.Gamini.tk
Microsoft: PUA:Win32/Presenoker
VBA32: Downloader.Gamini
Qihoo-360: Win32/Virus.Downloader.651

How to remove Downloader.Win32.Gamini.tk?

Downloader.Win32.Gamini.tk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
