About “Generic PUA CC (PUA)” infection

Generic PUA CC (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic PUA CC (PUA) virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Attempts to modify proxy settings

Related domains:

stat.offerbox.io

How to identify Generic PUA CC (PUA)?


File Info:

crc32: 64327EF5
md5: f5cf1460ab62b691698aa7313d9b9bd5
name: igra_lyubov_zlyh_ptic.exe
sha1: 436cc8bd8cea0b5f64ef479cbce9f8a6833a52ff
sha256: 8c37c61c7263409f4be50082043e4e14abc9a8b2a08987537b759c371997bd29
sha512: e8356900c00c777e2c8b0490ded36ba60fc94fe2128c22244b2ec588c6690abb3e66ed6d22bf5fa7d42a29afc83226f2cfb52c5ffee1b8bad49fd4eb388243ed
ssdeep: 98304:t2hIphXaQ3pKMTsyIwlvLnOGXylCXlSL4PwEC:t7/XP3MG1Iw7ys24Y9
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName: Offerbox
Comments: This installation was built with Inno Setup.
ProductName: igra_lyubov_zlyh_ptic
ProductVersion: 0.0.0.1
FileDescription: igra_lyubov_zlyh_ptic Setup
Translation: 0x0000 0x04b0

Generic PUA CC (PUA) also known as:

FireEye: Generic.mg.f5cf1460ab62b691
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Adware ( 0053dc471 )
K7GW: Adware ( 0053dc471 )
CrowdStrike: win/malicious_confidence_80% (D)
TrendMicro: TROJ_GEN.R007C0OEJ20
Cyren: W32/S-70232f14!Eldorado
Symantec: SMG.Heur!gen
ESET-NOD32: a variant of Win32/Appster.D potentially unwanted
TrendMicro-HouseCall: TROJ_GEN.R007C0OEJ20
Avast: Win32:UnwantedSig [PUP]
GData: NSIS.Application.Offerbox.A
Kaspersky: not-a-virus:HEUR:Downloader.Win32.OfferInstall.gen
Alibaba: Downloader:Win32/OfferInstall.7086d662
NANO-Antivirus: Trojan.Win32.Magala.flpthi
ViRobot: Adware.Ursu.3536584
AegisLab: Riskware.Win32.OfferInstall.1!c
Sophos: Generic PUA CC (PUA)
Comodo: Application.Win32.Appster.CB@7yjsvh
F-Secure: Heuristic.HEUR/AGEN.1109570
DrWeb: Program.Appset.14
Invincea: heuristic
Emsisoft: Application.Agent (A)
APEX: Malicious
Avira: HEUR/AGEN.1109570
Antiy-AVL: GrayWare[AdWare]/Win32.Appster.a
Endgame: malicious (high confidence)
AhnLab-V3: PUP/Win32.OfferInstaller.R249693
ZoneAlarm: not-a-virus:HEUR:Downloader.Win32.OfferInstall.gen
Microsoft: PUA:Win32/Offerbox
Cynet: Malicious (score: 85)
McAfee: Artemis!F5CF1460AB62
VBA32: Downloader.OfferInstall
Malwarebytes: PUP.Optional.AppsetOffer
Panda: PUP/Multitoolbar
Rising: Adware.AppsetOffer!1.B831 (CLASSIC)
Fortinet: Riskware/OfferInstall
Webroot: W32.Adware.Gen
AVG: Win32:UnwantedSig [PUP]
Qihoo-360: Win32/Trojan.e07

How to remove Generic PUA CC (PUA)?

Generic PUA CC (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
