How to remove “HackTool.Win64.BypassUAC.h”?

HackTool.Win64.BypassUAC.h is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the HackTool.Win64.BypassUAC.h virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Transacted Hollowing
  • Uses suspicious command line tools or Windows utilities

How to identify HackTool.Win64.BypassUAC.h?


File Info:

name: 99B963E93A011746B449.mlw
path: /opt/CAPEv2/storage/binaries/28519ebc4d8dbd4f830d954cfe13a454a32d22aedcfde7742d588da93df859d2
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-11-06 12:18:32

Version Info:

Translation: 0x0809 0x04b0

HackTool.Win64.BypassUAC.h also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Runner.BL
McAfee: Trojan-AutoIt.ba
Cylance: Unsafe
VIPRE: Trojan.Runner.BL
Sangfor: Virus.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (D)
BitDefender: Trojan.Runner.BL
Cyren: W64/Trojan.YHUF-5132
tehtris: Generic.Malware
ESET-NOD32: multiple detections
APEX: Malicious
ClamAV: Win.Malware.CoinMiner-9871492-1
Kaspersky: HackTool.Win64.BypassUAC.h
Avast: Win64:MiscX-gen [PUP]
Ad-Aware: Trojan.Runner.BL
Emsisoft: Trojan.Runner.BL (B)
F-Secure: Heuristic.HEUR/AGEN.1247784
TrendMicro: TROJ_GEN.R002C0DHD22
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.99b963e93a011746
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan.Runner
GData: Trojan.GenericKD.35378294 (2x)
Avira: HEUR/AGEN.1247784
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Generic.ASSuf.422E0
Arcabit: Trojan.Runner.BL [many]
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win64.Generic.R373197
Acronis: suspicious
ALYac: Trojan.GenericKD.47455780
Malwarebytes: Malware.AI.625346215
TrendMicro-HouseCall: TROJ_GEN.R002C0DHD22
Rising: HackTool.UACMe!8.4B36 (TFE:4:UAiVLmiWecN)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W64/CoinMiner.44529422!tr
AVG: Win64:MiscX-gen [PUP]
Cybereason: malicious.93a011

How to remove HackTool.Win64.BypassUAC.h?

HackTool.Win64.BypassUAC.h removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.