What is “Downloader.Win32.WebCompanion.qbq”?

Many security experts consider Downloader.Win32.WebCompanion.qbq dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Downloader.Win32.WebCompanion.qbq virus do?

  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Deletes executed files from disk

How to identify Downloader.Win32.WebCompanion.qbq?


File Info:

name: 0B12D592D679E858EEC3.mlw
path: /opt/CAPEv2/storage/binaries/a10af3265ff067896a4ef87f4e88a65ff1b21494fa6d7207f2c51b745c12fcb8
crc32: 75EB391D
md5: 0b12d592d679e858eec3b7366dbea153
sha1: 89fcddde8fdbcce2c33a37d472231888708962c7
sha256: a10af3265ff067896a4ef87f4e88a65ff1b21494fa6d7207f2c51b745c12fcb8
sha512: 91e11d38107fb56151b51d70d6a8e511f45a2508b62fd7d1f32c2b2c21a11f28d145341cc722c79ca05535ad622c16226d24d49841ee07c0c0e04060290c5745
ssdeep: 24576:ZfujpJreKm17qzTnprhsHOJJeuVmFDES4Aj9daugwnq8IGiI/:hK47s6uJJeuV+AS4Aj9dPq8cI/
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B445233329D441A5DA875EB088ACA2A2F3D3FD02DDA04757F344994039397DBAB2DD93
sha3_384: 1b6c31df7b48de77ddb1f6cf9f529c973154184b7bd462037ed511a94a5dbb2c7a7dd8c716fcec1325bf67cbb8867eaf
ep_bytes: 558d6c248881ecf00300005356576a20
timestamp: 2021-11-22 09:54:40

Version Info:

0: [No Data]

Downloader.Win32.WebCompanion.qbq also known as:

Bkav: W32.AIDetectMalware
Lionic: Riskware.Win32.WebCompanion.1!c
AVG: Win32:Evo-gen [Trj]
FireEye: Generic.mg.0b12d592d679e858
Skyhigh: BehavesLike.Win32.Backdoor.tc
McAfee: Artemis!0B12D592D679
Cylance: unsafe
Sangfor: Downloader.Win32.Webcompanion.V9ym
Alibaba: Downloader:Win32/WebCompanion.61034883
CrowdStrike: win/malicious_confidence_70% (W)
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: not-a-virus:Downloader.Win32.WebCompanion.qbq
NANO-Antivirus: Trojan.Win32.Cloader.juyuxm
Avast: Win32:Evo-gen [Trj]
Trapmine: malicious.high.ml.score
Ikarus: PUA.Bundler
Jiangmin: Trojan.Skillis.ii
Antiy-AVL: Trojan/Win32.Skillis
ZoneAlarm: not-a-virus:Downloader.Win32.WebCompanion.qbq
VBA32: suspected of Trojan.Downloader.gen
Malwarebytes: PUP.Optional.BundleInstaller.DDS
DeepInstinct: MALICIOUS

How to remove Downloader.Win32.WebCompanion.qbq?

Downloader.Win32.WebCompanion.qbq removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
