Categories: Adware

What is “LoadMoney.Adware.Bundler.DDS”?

The LoadMoney.Adware.Bundler.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What LoadMoney.Adware.Bundler.DDS virus can do?

Behavioural detection: Executable code extraction – unpacking
CAPE extracted potentially suspicious content
Unconventionial language used in binary resources: Russian
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Attempts to modify proxy settings
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine LoadMoney.Adware.Bundler.DDS?


File Info:
name: 9888134429C7CAC8D7B8.mlwpath: /opt/CAPEv2/storage/binaries/ce210e04e152c524d20453cdac3eba85d7434a0c68199936cce0cb1ac086a3f3crc32: 3E526F6Bmd5: 9888134429c7cac8d7b895f19fc26a66sha1: 14783a823b0400d824226384003967b2eae149d1sha256: ce210e04e152c524d20453cdac3eba85d7434a0c68199936cce0cb1ac086a3f3sha512: fbbde233c808acc174165acf6e7243024c9ec22fb682f25a4eaefe125211514ed82803c138e6527cc0228d9585ca2600aa26168ed888fae2d6fdb36c2019d028ssdeep: 3072:wKea5hAapmI4R0Wkt7VgQF7p10r4X07lLt+NNwCZVyk/86NJFD:wKea5hAOmIEkt2QppmUXYt+NNDZVyhSDtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T108D3E0779954F5A2C52B887053D7F0876FB4DC326F12086DBA8A59B7E43A0B5023A337sha3_384: a2f62e523567d6ebd519680b2caa6407c398de5f1f57ef2962f9d9db57ca7457ba086f9271b61084163250519cab47edep_bytes: 895424f4c705f0d041003b5a0100833dtimestamp: 1992-06-19 22:22:17
Version Info:
0: [No Data]

LoadMoney.Adware.Bundler.DDS also known as:

Lionic	Trojan.Win32.Agentb.m5yq
Elastic	malicious (high confidence)
DrWeb	Trojan.LoadMoney.227
MicroWorld-eScan	Gen:Variant.Adware.Strictor.46898
FireEye	Generic.mg.9888134429c7cac8
CAT-QuickHeal	Trojan.Sisproc.A6
McAfee	Downloader-FWY!9888134429C7
Malwarebytes	LoadMoney.Adware.Bundler.DDS
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 005042e41 )
K7GW	Trojan ( 005042e41 )
CrowdStrike	win/grayware_confidence_60% (D)
BitDefenderTheta	AI:Packer.7A73BD7A1F
VirIT	Trojan.Win32.LoadMoney.IT
Cyren	W32/LoadMoney.R.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/LoadMoney.CA potentially unwanted
APEX	Malicious
ClamAV	Win.Trojan.Agent-1372314
Kaspersky	Trojan.Win32.Agentb.aemn
BitDefender	Gen:Variant.Adware.Strictor.46898
NANO-Antivirus	Trojan.Win32.Agent.dknrwv
Avast	Win32:LoadMoney-AT [Trj]
Tencent	Malware.Win32.Gencirc.10b295b1
Emsisoft	Gen:Variant.Adware.Strictor.46898 (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen2
Baidu	Win32.Adware.Kryptik.c
VIPRE	Gen:Variant.Adware.Strictor.46898
McAfee-GW-Edition	BehavesLike.Win32.PWSZbot.ch
Trapmine	malicious.high.ml.score
Sophos	Mal/EncPk-ACB
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Adware.Strictor.46898
Jiangmin	Trojan/Agentb.ahg
Google	Detected
Avira	TR/Crypt.XPACK.Gen2
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Agentb.aemn
Xcitium	TrojWare.Win32.Kryptik.BAJ@57fz7n
Arcabit	Trojan.Adware.Strictor.DB732
ZoneAlarm	Trojan.Win32.Agentb.aemn
Microsoft	SoftwareBundler:Win32/Ogimant
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.LoadMoney.C219114
ALYac	Gen:Variant.Adware.Strictor.46898
TACHYON	Trojan/W32.Agentb.135168.C
VBA32	Malware-Cryptor.Limpopo
Cylance	unsafe
Panda	Trj/Genetic.gen
Rising	Adware.LoadMoney!1.AE7B (CLASSIC)
Yandex	Trojan.Agentb!aBrWWHX/+U0
Ikarus	Virus.Win32.Cryptor
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/LoadMoney.CD!tr
AVG	Win32:LoadMoney-AT [Trj]
DeepInstinct	MALICIOUS