NSIS:Loderka-AU [PUP] information

NSIS:Loderka-AU [PUP] is the detection name Avast and AVG assign to a potentially unwanted program (PUP). The sample analysed below is a repackaged game installer built with Inno Setup (see the version information and the Ikarus name PUA.INNO.RePack), and Dr.Web classes it as an adware downloader, so it is riskware rather than a virus in the strict sense. When it is active you may notice unwanted processes in the Task Manager list. In that case, scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It performs a complete scan and cleans your PC during the trial period.
A 6-day free trial is available.

What can NSIS:Loderka-AU [PUP] do?

The following are the CAPE sandbox signatures that fired when the sample was analysed:

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the “shellcode get eip” pattern (position-independent code locating its own address)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify NSIS:Loderka-AU [PUP]?

File Info:

name: 84CCDB0A858F03776615.mlw
path: /opt/CAPEv2/storage/binaries/3c331d0a0d831ad6a1c90049b9666cf6660e2ca22e846b2173e59af59d0946ca
crc32: 1E812402
md5: 84ccdb0a858f037766150e4dace50d5a
sha1: bfc05fef10b6f1bcf473d1f207f05a96afeb3cf7
sha256: 3c331d0a0d831ad6a1c90049b9666cf6660e2ca22e846b2173e59af59d0946ca
sha512: f1f0026b4dd26ec6b5b6ebabb761cef428532663c7204de1715a37406baf46fa79976c05ba4ce090986102494cb8e623e313284adcd02c94b1cace596c58190a
ssdeep: 49152:n5FMwLDRCplj4NhWSvHo9Fy8juPmCibhjB:vVLQd4N8Sv2Ft7f
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17F852303F3D34476E936163CC8AAC045AD1B78A529F2645F2CFEDA4F16B92C16C76A70
sha3_384: 0f70ec25f2ba51fce24b892254ce38308ff84f4e5e00ce37721afd2a59925c630772aa9ee89ecd7914f23f357b7b8300
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2012-10-02 05:04:04

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Paranoid Interactive
FileDescription: Setup For Frozenheim
FileVersion: 1.0.0
LegalCopyright: © Paranoid Interactive
ProductName: Frozenheim
ProductVersion: 0.8.0.23
Translation: 0x0000 0x04b0
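The hashes and static indicators above can be checked on a suspect file with a short script. The following is an added example written for this page; it is not GridinSoft's or CAPE's own tooling. It hashes a file and compares the result with the IOCs in the report, and it reproduces two of the sandbox observations in pure Python: overlay data past the last section, and a section name outside the usual set. It also looks for the "Inno Setup" string that Inno Setup writes into its setup data. The list of standard section names and the marker string are heuristics chosen here, and the embedded PE is a constructed toy used to exercise the code, not the reported sample.

```python
"""Check a suspect file against the report's IOCs and reproduce a few of the
static observations (overlay data, unusual section names, Inno Setup marker).
Added example for this page; it is not GridinSoft's or CAPE's own code."""
import hashlib
import struct

# Hashes copied from the File Info block of the report above.
IOCS = {
    "md5": "84ccdb0a858f037766150e4dace50d5a",
    "sha1": "bfc05fef10b6f1bcf473d1f207f05a96afeb3cf7",
    "sha256": "3c331d0a0d831ad6a1c90049b9666cf6660e2ca22e846b2173e59af59d0946ca",
}

# Section names a stock MSVC or Delphi/Inno Setup binary is expected to carry.
# This set is an assumption made for the example; anything else is reported.
STANDARD_SECTION_NAMES = {
    ".text", ".data", ".rdata", ".idata", ".edata", ".rsrc", ".reloc",
    ".bss", ".tls", ".pdata", ".CRT", "CODE", "DATA", "BSS", ".itext",
    ".didata",
}

# Inno Setup embeds this string in its setup data; used here as a heuristic.
INNO_MARKER = b"Inno Setup"


def file_hashes(data: bytes) -> dict:
    """MD5, SHA-1 and SHA-256 of the bytes, keyed like IOCS."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOCS}


def matches_iocs(data: bytes) -> dict:
    """Per-algorithm True/False against the report's hashes."""
    hashes = file_hashes(data)
    return {name: hashes[name] == IOCS[name] for name in IOCS}


def _section_headers(data: bytes):
    """Yield (name, size_of_raw_data, pointer_to_raw_data) per section;
    yields nothing if the bytes are not a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return
    coff = e_lfanew + 4                       # start of the COFF file header
    if coff + 20 > len(data):
        return
    num_sections, = struct.unpack_from("<H", data, coff + 2)
    opt_size, = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size              # section table follows the optional header
    for i in range(num_sections):
        off = table + i * 40
        if off + 40 > len(data):
            break
        name, = struct.unpack_from("<8s", data, off)
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        yield name.rstrip(b"\0").decode("latin-1"), raw_size, raw_ptr


def pe_overlay(data: bytes):
    """(offset, size) of the bytes after the last section's raw data, or None
    if the input is not a PE or has no sections. A size of 0 means no overlay."""
    end = 0
    for _name, raw_size, raw_ptr in _section_headers(data):
        end = max(end, raw_ptr + raw_size)
    if end == 0:
        return None
    return end, max(0, len(data) - end)


def unusual_sections(data: bytes) -> list:
    """Section names not in STANDARD_SECTION_NAMES (CAPE's packing hint)."""
    return [name for name, _, _ in _section_headers(data)
            if name not in STANDARD_SECTION_NAMES]


def has_inno_marker(data: bytes) -> bool:
    return INNO_MARKER in data


def triage(data: bytes) -> dict:
    """Summarise the checks for one file."""
    return {
        "ioc_match": any(matches_iocs(data).values()),
        "overlay": pe_overlay(data),
        "unusual_sections": unusual_sections(data),
        "inno_setup": has_inno_marker(data),
    }


def build_sample_pe(with_overlay: bool = True) -> bytes:
    """Constructed toy PE32 used only to exercise the checks: one section named
    '.xyz', 32 bytes of raw data and an optional trailing overlay carrying the
    Inno Setup marker. Only the header fields the parser reads are populated;
    this is not the reported sample and will not run as a program."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x0102)  # i386, 1 section
    sect = struct.pack("<8sIIIIIIHHI", b".xyz", 0x20, 0x1000, 0x20, 0x80,
                       0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + sect        # exactly 0x80 bytes
    body = b"\x90" * 0x20                           # section raw data at 0x80
    overlay = b"Inno Setup Setup Data (5.5.9)" + b"\0" * 3 if with_overlay else b""
    return headers + body + overlay


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    print(triage(data))
```

Run it with a path to a suspect file to get the summary dictionary; with no argument it triages the embedded toy PE. An IOC hash match is conclusive for this exact sample, while the overlay, section-name and marker checks are only hints: any Inno Setup installer carries an overlay and the marker, so they identify the packaging, not maliciousness.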

NSIS:Loderka-AU [PUP] also known as:

Bkav: W32.Common.7D342F44
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 100)
Sangfor: PUP.Win32.Agent.V3rq
ESET-NOD32: multiple detections
Avast: NSIS:Loderka-AU [PUP]
DrWeb: Adware.Downware.20346
Ikarus: PUA.INNO.RePack
Google: Detected
Malwarebytes: Generic.Malware/Suspicious
Fortinet: Riskware/NDAoF
AVG: NSIS:Loderka-AU [PUP]
DeepInstinct: MALICIOUS

How to remove NSIS:Loderka-AU [PUP]?

NSIS:Loderka-AU [PUP] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.