
About “Falco Bundleware (PUA)” infection


Falco Bundleware (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Falco Bundleware (PUA) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Falco Bundleware (PUA)?


File Info:

name: 9613B45F4089091D90DD.mlw
path: /opt/CAPEv2/storage/binaries/3d5e030a1d71152dbab59157ac6411b92b9aad1fb93c764a497a1a552cf0f49d
crc32: DAE088D6
md5: 9613b45f4089091d90dde531964e173c
sha1: 7e3cf93d7a48b23a584df5ff39bc75d096160d8d
sha256: 3d5e030a1d71152dbab59157ac6411b92b9aad1fb93c764a497a1a552cf0f49d
sha512: 88681b50d2ceff051e7c9dc6279eb82fdb202cbd1d0644a9ecc1c15ddda61dd28a883827a32dc0efd164cdd5c943ba5bb810f679af3268a6b95094f3be56f80b
ssdeep: 98304:tXijjg4nP5+8+xhC5NSqyNhVjMLqpFaniioNncwyjQIUkWa+h3KCPY9yZ+25juds:sjg4nhn5Dko+a+ncZlUwQ6QY9yTjuJHo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12F3633D2F3C600B0F82394745C669058EF1B797A58FA266A1D38D48DDD78BD6AC3B342
sha3_384: 31b9efbd0fdc55de17ac6398b3f0ee2e7ce351e69bb7f187b26a540a61ebc0677549a52162679e2ba3afc224d7fae725
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2018-06-14 13:27:46

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: FalcoWare, Inc.
FileDescription: Wormags Setup
FileVersion:
LegalCopyright:
ProductName: Wormags
ProductVersion:
Translation: 0x0000 0x04b0

Falco Bundleware (PUA) also known as:

Bkav: W32.AIDetectMalware
Skyhigh: BehavesLike.Win32.BadFile.rc
Sangfor: Trojan.Win32.Agent.Vzgh
K7GW: Riskware ( 00584baa1 )
Cynet: Malicious (score: 100)
Avast: Win32:VSok-A [PUP]
Sophos: Falco Bundleware (PUA)
Google: Detected
GData: Win32.Application.Falco.A
Varist: W32/FalcoBundler.C.gen!Eldorado
McAfee: Artemis!9613B45F4089
Malwarebytes: Generic.Malware.AI.DDS
Ikarus: PUA.BundleLoader
Fortinet: Riskware/Application
AVG: Win32:VSok-A [PUP]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_90% (W)

How to remove Falco Bundleware (PUA)?

Falco Bundleware (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab, then press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
