Falco Bundleware (PUA) removal instructions

The Falco Bundleware (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Falco Bundleware (PUA) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Falco Bundleware (PUA)?


File Info:

name: CC28ACB0703D14CB5FA4.mlw
path: /opt/CAPEv2/storage/binaries/e3ce26cbcaf94a9b66c6ccc17c2b2acf6961d641ee68cf8c436a9854a58ecb77
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-10-12 11:15:57

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: FalcoWare, Inc.
FileDescription: Air Attack Ru Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: Air Attack Ru
ProductVersion:
Translation: 0x0000 0x04b0

Falco Bundleware (PUA) also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.Falco.2!c
Skyhigh: BehavesLike.Win32.BadFile.wc
McAfee: Artemis!CC28ACB0703D
Cylance: unsafe
Sangfor: PUP.Win32.Agent.Vb17
CrowdStrike: win/grayware_confidence_100% (W)
Cynet: Malicious (score: 100)
Avast: Win32:VSok-A [PUP]
Sophos: Falco Bundleware (PUA)
Ikarus: PUA.Falco
Google: Detected
Antiy-AVL: GrayWare[AdWare]/Win32.Falco.a
Microsoft: PUA:Win32/Presenoker
GData: Win32.Application.Falco.A
Varist: W32/FalcoBundler.B.gen!Eldorado
Malwarebytes: Adware.RelevantKnowledge
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: Riskware/Application
AVG: Win32:VSok-A [PUP]
DeepInstinct: MALICIOUS

How to remove Falco Bundleware (PUA)?

Falco Bundleware (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
