
NSIS:Loderka-AU [PUP] removal instruction


NSIS:Loderka-AU [PUP] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the NSIS:Loderka-AU [PUP] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify NSIS:Loderka-AU [PUP]?


File Info:

name: ECCD1867A5426B2BF0E7.mlw
path: /opt/CAPEv2/storage/binaries/d87d1849291382d4656400a21ce4879320eccc7ed22ccd7030de2cc3d2d38ba4
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-10-02 05:04:04

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Activision
FileDescription: Setup For Call of Duty Modern Warfare 2
FileVersion: 1.0.01
LegalCopyright: © Activision
ProductName: Call of Duty Modern Warfare 2
ProductVersion: 15.05.20211
Translation: 0x0000 0x04b0

NSIS:Loderka-AU [PUP] also known as:

Bkav: W32.AIDetectMalware
Malwarebytes: Generic.Malware/Suspicious
Sangfor: PUP.Win32.Agent.Vrbb
ESET-NOD32: multiple detections
Avast: NSIS:Loderka-AU [PUP]
DrWeb: Adware.Downware.20338
Google: Detected
Ikarus: PUA.INNO.RePack
MaxSecure: Trojan.Malware.218664370.susgen
AVG: NSIS:Loderka-AU [PUP]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_70% (D)

How to remove NSIS:Loderka-AU [PUP]?

NSIS:Loderka-AU [PUP] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
