Falco Bundleware (PUA) malicious file

The Falco Bundleware (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Falco Bundleware (PUA) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Falco Bundleware (PUA)?


File Info:

name: F7FCB52EC11EA5B86BEF.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-06-14 13:27:46

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: FalcoWare, Inc.
FileDescription: Fall Of Bear Setup
FileVersion:
LegalCopyright:
ProductName: Fall Of Bear
ProductVersion:
Translation: 0x0000 0x04b0

Falco Bundleware (PUA) also known as:

Bkav: W32.AIDetectMalware
Malwarebytes: Adware.RelevantKnowledge
CrowdStrike: win/grayware_confidence_70% (D)
K7GW: Riskware ( 00584baa1 )
K7AntiVirus: Riskware ( 00584baa1 )
Avast: Win32:VSok-A [PUP]
Sophos: Falco Bundleware (PUA)
Varist: W32/FalcoBundler.C.gen!Eldorado
GData: Win32.Application.Falco.A
Google: Detected
Ikarus: PUA.Falco
AVG: Win32:VSok-A [PUP]

How to remove Falco Bundleware (PUA)?

Falco Bundleware (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
