NirSoft Chrome Cookies View (PUA) (file analysis)

NirSoft Chrome Cookies View (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the NirSoft Chrome Cookies View (PUA) virus do?

  • Dynamic (imported) function loading detected
  • Unconventional language used in binary resources: Hebrew
  • Authenticode signature is invalid
  • Steals private information from local Internet browsers
  • Harvests cookies for information gathering

How to identify NirSoft Chrome Cookies View (PUA)?


File Info:

name: CA251E608DF4540D65A7.mlw
path: /opt/CAPEv2/storage/binaries/d20d1df94b82c28a43cc3a7f3a652df2a3bc0cf744f14bdadf2cb667fa54a9f2
crc32: FBA68E6A
md5: ca251e608df4540d65a71ce34ef973ba
sha1: a9b8360e5aee2226604838c8826b823f310929e8
sha256: d20d1df94b82c28a43cc3a7f3a652df2a3bc0cf744f14bdadf2cb667fa54a9f2
sha512: 05edf5d76e3e10c90f8bdc9ade685204130d163f44f2c023a6ec883551a64912257d67abebac013277266ac5fd6d05a497a4f37d9d2b2de33f174b8bac3038fc
ssdeep: 196608:D2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2y2:D2y2y2y2y2y2y2y2y2y2y2y2y2y2y2yW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16276BE22F3E28076D4B71571076B5B36AEFDBA2441328C5B47C81C4E5EB46A1EA3E317
sha3_384: 10005d88ff15f2b0745231baef17f73bc079cbd07d245b3272735f1568c76bf17e1ed1f0cb229c368b039f905dfc5a38
ep_bytes: 6a7068c0044400e80802000033ff57ff
timestamp: 2020-02-19 09:25:12

Version Info:

CompanyName: NirSoft
FileDescription: ChromeCookiesView
FileVersion: 1.60
InternalName: ChromeCookiesView
LegalCopyright: Copyright © 2011 - 2020 Nir Sofer
OriginalFilename: ChromeCookiesView.exe
ProductName: ChromeCookiesView
ProductVersion: 1.60
Translation: 0x0409 0x04b0

NirSoft Chrome Cookies View (PUA) also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.47566243
FireEye: Generic.mg.ca251e608df4540d
McAfee: GenericRXAA-AA!CA251E608DF4
Cylance: Unsafe
Zillya: Trojan.Nimnul.Win32.1861
K7AntiVirus: Riskware ( 0040eff71 )
BitDefenderTheta: Gen:NN.ZexaE.34062.@t3@aSijIoiO
Cyren: W32/CookieStealer.G.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
BitDefender: Trojan.GenericKD.47566243
Ad-Aware: Trojan.GenericKD.47566243
Emsisoft: Trojan.GenericKD.47566243 (B)
DrWeb: Tool.PassView.1944
McAfee-GW-Edition: BehavesLike.Win32.BadFile.wh
Sophos: NirSoft Chrome Cookies View (PUA)
GData: Trojan.GenericKD.47566243
Jiangmin: Trojan.Convagent.bo
Avira: TR/AD.Mimikatz.ahqwa
Arcabit: Trojan.Generic.D2D5CDA3
Microsoft: PWS:Win32/Zbot!ml
ALYac: Trojan.GenericKD.47523203
MAX: malware (ai score=83)
Malwarebytes: RiskWare.ChromeCookiesView
TrendMicro-HouseCall: TROJ_GEN.R002H09L321
Rising: HackTool.BrowserPassview!1.CC5C (CLASSIC)
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
MaxSecure: Trojan.Malware.119770406.susgen

How to remove NirSoft Chrome Cookies View (PUA)?

NirSoft Chrome Cookies View (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
