Should I remove “Downloader.Win32.InnoBundle.aobm”?

Downloader.Win32.InnoBundle.aobm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Downloader.Win32.InnoBundle.aobm virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Harvests credentials from local FTP client software

How to identify Downloader.Win32.InnoBundle.aobm?

File Info:

name: D15D6BE9B24FD4DF4188.mlw
path: /opt/CAPEv2/storage/binaries/3c351e690d9aec49f6ed9237c285b53c09af4450fd44afb647ea6a1d2dd08568
crc32: 2445B469
md5: d15d6be9b24fd4df418856cfe5a3592f
sha1: 7500d074707fe6e15974b2d341fab1ab9db0d224
sha256: 3c351e690d9aec49f6ed9237c285b53c09af4450fd44afb647ea6a1d2dd08568
sha512: e925b87c59b6f01366745d09fe5441e70f35e0a3943bcac359bd5808819e5b6fe99f1ec919d4c3dd79a8ef9c9e74fc3e1bc77e1d7dc0e41e24347cf5530534e8
ssdeep: 196608:A8Ah0HFc1+v+BXyhEFh2d7s292mv7fyfjFS9BtOMuh3yge03an:A8Ayla+v+BX8UwR2mv76rFIiXh3ySs
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E696233BB258653FD4AE1B3149B39350857B7B61A81E8C2B0BF0091CCFA65711E3FA56
sha3_384: 8bc23241b477dbea488a12f19afcca0a501800065240de0980e4bdb576ebed742a8fca53648f57407583902091e83bf0
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2020-11-15 09:48:30

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Totall Commander Setup (r2401051200)
FileVersion: 9.22
LegalCopyright:
OriginalFileName:
ProductName: Totall Commander
ProductVersion: 9.22
Translation: 0x0000 0x04b0

Downloader.Win32.InnoBundle.aobm is also known as:

Bkav: W32.AIDetectMalware
Lionic: Riskware.Win32.InnoBundle.1!c
Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.Generic.rc
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Downloader.Win32.Innobundle.V3ck
K7AntiVirus: Riskware ( 00584baa1 )
Alibaba: Downloader:Win32/InnoBundle.3b301ac2
K7GW: Riskware ( 00584baa1 )
CrowdStrike: win/grayware_confidence_70% (W)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:Downloader.Win32.InnoBundle.aobm
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.13fc1c5a
Sophos: Generic Reputation PUA (PUA)
F-Secure: Heuristic.HEUR/AGEN.1368613
Avira: HEUR/AGEN.1368613
ZoneAlarm: not-a-virus:Downloader.Win32.InnoBundle.aobm
McAfee: Artemis!D15D6BE9B24F
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H07AC24
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
Cybereason: malicious.4707fe
DeepInstinct: MALICIOUS

How to remove Downloader.Win32.InnoBundle.aobm?

Downloader.Win32.InnoBundle.aobm removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
