Falco Bundleware (PUA) removal

The Falco Bundleware (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Falco Bundleware (PUA) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Falco Bundleware (PUA)?

File Info:

name: D7DEA30AD5AC7484D32E.mlw
path: /opt/CAPEv2/storage/binaries/573723eebad58bec843214c07b65ebecd64ca0b082a02dc7e105b367511a0109
crc32: 43687C1D
md5: d7dea30ad5ac7484d32ec99d2154e27f
sha1: 143800d434345c489942c39cbcd25cd00e7dcf49
sha256: 573723eebad58bec843214c07b65ebecd64ca0b082a02dc7e105b367511a0109
sha512: 7e0810b911b97d9c0d0b2bdeee04768349f1493fe98fb3e577c1fdffd41a2684568951fe95e0eb7af263f42f3600a8b31f2736953f1fc098e685b954e8dde2f6
ssdeep: 98304:u1QTgXijjg4nP5+8+xhC5NSqyNhVjM5qntIktp6pRpvsFl64eV9G:iujg4nhn5Dko5eIwUDpvsFU4g8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A1060227B289A53EC45E67354673A01058FFB6ADF817BE1636F4C48CCF225C01E3AA65
sha3_384: c9850bc53fbb73ed2be544611e0c6a5127ee70a147de16b6e43a0edeb3acf7d850652fe883224ae33765218d1db5d4dd
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2019-10-12 11:15:57

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: FalcoWare, Inc.
FileDescription: Sujiva Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: Sujiva
ProductVersion:
Translation: 0x0000 0x04b0

Falco Bundleware (PUA) also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Falco.4!c
Cylance: unsafe
Sangfor: PUP.Win32.Agent.V04q
CrowdStrike: win/grayware_confidence_100% (W)
Cynet: Malicious (score: 100)
Avast: Win32:VSok-A [PUP]
Sophos: Falco Bundleware (PUA)
Ikarus: PUA.BundleLoader
Varist: W32/FalcoBundler.B.gen!Eldorado
Antiy-AVL: GrayWare[AdWare]/Win32.Falco.a
Microsoft: PUA:Win32/Presenoker
GData: Win32.Application.Falco.A
Google: Detected
Malwarebytes: Generic.Malware.AI.DDS
TrendMicro-HouseCall: TROJ_GEN.R002H0CAG24
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: Riskware/Application
AVG: Win32:VSok-A [PUP]
DeepInstinct: MALICIOUS

How to remove Falco Bundleware (PUA)?

Falco Bundleware (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.