Categories: PUA

About “Generic PUA CC (PUA)” infection

The Generic PUA CC (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic PUA CC (PUA) virus can do?

Executable code extraction
Presents an Authenticode digital signature
Creates RWX memory
A process attempted to delay the analysis task.
Reads data out of its own binary image
Drops a binary and executes it
Performs some HTTP requests
Attempts to modify proxy settings

Related domains:

stat.offerbox.io

How to determine Generic PUA CC (PUA)?


File Info:
crc32: 64327EF5md5: f5cf1460ab62b691698aa7313d9b9bd5name: igra_lyubov_zlyh_ptic.exesha1: 436cc8bd8cea0b5f64ef479cbce9f8a6833a52ffsha256: 8c37c61c7263409f4be50082043e4e14abc9a8b2a08987537b759c371997bd29sha512: e8356900c00c777e2c8b0490ded36ba60fc94fe2128c22244b2ec588c6690abb3e66ed6d22bf5fa7d42a29afc83226f2cfb52c5ffee1b8bad49fd4eb388243edssdeep: 98304:t2hIphXaQ3pKMTsyIwlvLnOGXylCXlSL4PwEC:t7/XP3MG1Iw7ys24Y9type: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright:                                                                                                     FileVersion:                     CompanyName: Offerbox                                                    Comments: This installation was built with Inno Setup.ProductName: igra_lyubov_zlyh_ptic                                       ProductVersion: 0.0.0.1                                           FileDescription: igra_lyubov_zlyh_ptic Setup                                 Translation: 0x0000 0x04b0

Generic PUA CC (PUA) also known as:

FireEye	Generic.mg.f5cf1460ab62b691
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Adware ( 0053dc471 )
K7GW	Adware ( 0053dc471 )
CrowdStrike	win/malicious_confidence_80% (D)
TrendMicro	TROJ_GEN.R007C0OEJ20
Cyren	W32/S-70232f14!Eldorado
Symantec	SMG.Heur!gen
ESET-NOD32	a variant of Win32/Appster.D potentially unwanted
TrendMicro-HouseCall	TROJ_GEN.R007C0OEJ20
Avast	Win32:UnwantedSig [PUP]
GData	NSIS.Application.Offerbox.A
Kaspersky	not-a-virus:HEUR:Downloader.Win32.OfferInstall.gen
Alibaba	Downloader:Win32/OfferInstall.7086d662
NANO-Antivirus	Trojan.Win32.Magala.flpthi
ViRobot	Adware.Ursu.3536584
AegisLab	Riskware.Win32.OfferInstall.1!c
Sophos	Generic PUA CC (PUA)
Comodo	Application.Win32.Appster.CB@7yjsvh
F-Secure	Heuristic.HEUR/AGEN.1109570
DrWeb	Program.Appset.14
Invincea	heuristic
Emsisoft	Application.Agent (A)
APEX	Malicious
Avira	HEUR/AGEN.1109570
Antiy-AVL	GrayWare[AdWare]/Win32.Appster.a
Endgame	malicious (high confidence)
AhnLab-V3	PUP/Win32.OfferInstaller.R249693
ZoneAlarm	not-a-virus:HEUR:Downloader.Win32.OfferInstall.gen
Microsoft	PUA:Win32/Offerbox
Cynet	Malicious (score: 85)
McAfee	Artemis!F5CF1460AB62
VBA32	Downloader.OfferInstall
Malwarebytes	PUP.Optional.AppsetOffer
Panda	PUP/Multitoolbar
Rising	Adware.AppsetOffer!1.B831 (CLASSIC)
Fortinet	Riskware/OfferInstall
Webroot	W32.Adware.Gen
AVG	Win32:UnwantedSig [PUP]
Qihoo-360	Win32/Trojan.e07