
Falco Bundleware (PUA) information


The Falco Bundleware (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Falco Bundleware (PUA) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Falco Bundleware (PUA)?


File Info:

name: 43741C0337D1E44A53D9.mlw
path: /opt/CAPEv2/storage/binaries/b7ee187c411250252c583f36cb38a832718cc9bbd76a381c0481d98abb767242
crc32: EEC65371
md5: 43741c0337d1e44a53d9b4f47e6340dc
sha1: cd6338463d174fe8c99d22963db90a8448470307
sha256: b7ee187c411250252c583f36cb38a832718cc9bbd76a381c0481d98abb767242
sha512: ca5b89a4296f11d5638d8dee3777d943f56b75321e055465de1f3ff936f54c8d3a9a5e6c76e5a2c9f94512dbe4301691f61af4ff945ae99e1fd4b2d3e07459db
ssdeep: 98304:N1QTejLx5EXfWvtHarzK7UKFmydxOAkHlam/f8vcDK:bZLxKXfWvNaPGVdIham/I
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T197061227B298A53EC49A27354633A05058FBA7ADF817BE1677F0C48CCF365C01E3A665
sha3_384: e99d322f029521c5ff641113d4ebccb0f596c7e140be4ccec2ba3bc35ccdd042027130ca63c4741db04f5a48eb9cc6ff
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2019-10-12 11:15:58

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: FalcoWare, Inc.
FileDescription: Turbamentum Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: Turbamentum
ProductVersion:
Translation: 0x0000 0x04b0

Falco Bundleware (PUA) also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.Falco.2!c
Skyhigh: BehavesLike.Win32.BadFile.wc
McAfee: Artemis!43741C0337D1
Cylance: unsafe
Sangfor: PUP.Win32.Agent.V9j3
Avast: Win32:VSok-A [PUP]
Sophos: Falco Bundleware (PUA)
Ikarus: PUA.Falco
Google: Detected
Antiy-AVL: GrayWare[AdWare]/Win32.Falco.a
Microsoft: PUA:Win32/Presenoker
GData: Win32.Application.Falco.A
Varist: W32/FalcoBundler.B.gen!Eldorado
Malwarebytes: Adware.RelevantKnowledge
TrendMicro-HouseCall: TROJ_GEN.R002H0CAJ24
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: Riskware/Application
AVG: Win32:VSok-A [PUP]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_100% (W)

How to remove Falco Bundleware (PUA)?

Falco Bundleware (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
