NSIS:Zango [PUP] malicious file

The NSIS:Zango [PUP] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the NSIS:Zango [PUP] virus do?

  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify NSIS:Zango [PUP]?


File Info:

name: 9531019A2F9E7AC5C31A.mlw
path: /opt/CAPEv2/storage/binaries/8f3ad78eb213bbef7c7d25ca38b5b0f0515d97903a4b3ee0b11f1d4a7ef33ec5
crc32: 4244BDA1
md5: 9531019a2f9e7ac5c31a5f3e3280c6f1
sha1: 06218cd4a6036b723b3f5f263641bc5618714842
sha256: 8f3ad78eb213bbef7c7d25ca38b5b0f0515d97903a4b3ee0b11f1d4a7ef33ec5
sha512: 4f389286a0ecc6615612976454773dbcb8d9d3bbef6c67c09bea6bee7ac600d606e196310b17825ccae9860cb0683e0980d1f088832bab3474d72629949320e6
ssdeep: 12288:nJNiVutUiX3aFY0xhaDZE98fx+/hYB42WKLhHPu:nJNeCfbZw2x4hYB4zKLhW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T188C42315B7C0C9BED2A15BB087B79B7DDBBBEB480610154707225F5FBAE4093CA059C2
sha3_384: e184285486516384f9bc8753d5f862d2333ecd86f270bb68395846df94b9d1cd270f604c17ad5d7e338f4e23309c5a0f
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:52

Version Info:

FileDescription:
FileVersion: 1.0.0.0
LegalCopyright:
Translation: 0x0409 0x0000

NSIS:Zango [PUP] also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Application.Agent.HVX
ALYac: Application.Agent.HVX
Cylance: Unsafe
CrowdStrike: win/grayware_confidence_100% (D)
VirIT: Trojan.Win32.Siggen4.CXIM
Cyren: W32/180Solutions.D.gen!Eldorado
tehtris: Generic.Malware
APEX: Malicious
ClamAV: Win.Adware.Shopper-106
BitDefender: Application.Agent.HVX
NANO-Antivirus: Trojan.Win32.Shopper.bczaeo
SUPERAntiSpyware: Trojan.Agent/Gen-Dropper
Avast: NSIS:Zango [PUP]
Rising: Trojan.Generic@AI.89 (RDML:wJCTaDbKH6J5+hWQfUCT0g)
Emsisoft: Application.Agent.HVX (B)
DrWeb: Adware.Zango.15
TrendMicro: TSPY_PLAYVOLCANOINSTALLER_CA082DE1.TOMC
McAfee-GW-Edition: PUP-XAO-BY
Trapmine: malicious.high.ml.score
FireEye: Application.Agent.HVX
Sophos: Generic ML PUA (PUA)
Ikarus: not-a-virus:AdWare.Win32.Shopper
GData: Application.Agent.HVX
Avira: TR/Dropper.Gen
MAX: malware (ai score=85)
Arcabit: Application.Agent.HVX
Microsoft: Trojan:Win32/Skeeyah.A!MTB
Cynet: Malicious (score: 100)
Acronis: suspicious
McAfee: Artemis!BB8274DFF449
VBA32: Adware.Zango
TrendMicro-HouseCall: TSPY_PLAYVOLCANOINSTALLER_CA082DE1.TOMC
SentinelOne: Static AI – Malicious PE
Fortinet: Adware/Shopper
BitDefenderTheta: Gen:NN.ZedlaF.34712.eu8@ayvGE3ki
AVG: NSIS:Zango [PUP]
Cybereason: malicious.a2f9e7

How to remove NSIS:Zango [PUP]?

NSIS:Zango [PUP] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
