OxyPumper.Adware.BrowserHijacker.DDS (file analysis)

The OxyPumper.Adware.BrowserHijacker.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What OxyPumper.Adware.BrowserHijacker.DDS virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine OxyPumper.Adware.BrowserHijacker.DDS?


File Info:
name: 4E011557F30684CB1F64.mlw
path: /opt/CAPEv2/storage/binaries/1cae6962f49890ea4e7ce30e06c19b27289a0cd4809a8d717bffe894a66ca036
crc32: 16D31DDF
md5: 4e011557f30684cb1f64ca12c0155bff
sha1: 671f78d90cea78b33674c311ac82a7941387b32f
sha256: 1cae6962f49890ea4e7ce30e06c19b27289a0cd4809a8d717bffe894a66ca036
sha512: bdd5818e377e269eccc035ea02f410509df9d6a3fe96f54f2f3f80a835ce7df907afc5bd37cc4242257d5177b8fbe30c44cbebb978f3826605551b478fb94ce1
ssdeep: 24576:zoBuk7ODIE9obHZAaJ3TCeU3UxTEPUEns:zoBr7OJ2b5Z3hU3U9EPUq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18085E0507940C69BC9D937742E26F73027A2BDE9A560C20EB9E53FAB7ABF3131107650
sha3_384: 808fa295d78b29f92b24fc28dee3b052aa7d73c7247edb027c57583ac0611a481c5f8862f169a63a9eaa0413dde3746f
ep_bytes: ff250020400000000000000000000000
timestamp: 2014-11-10 17:56:04

Version Info:
Translation: 0x0000 0x04b0
FileDescription: Cyberizm Reader V2
FileVersion: 1.0.0.0
InternalName: Cyberizm Reader V2.exe
LegalCopyright: Copyright ©  2014
OriginalFilename: Cyberizm Reader V2.exe
ProductName: Cyberizm Reader V2
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

OxyPumper.Adware.BrowserHijacker.DDS also known as:

Bkav	W32.Common.75E73FA4
Lionic	Trojan.Win32.Generic.4!c
Malwarebytes	OxyPumper.Adware.BrowserHijacker.DDS
Sangfor	Trojan.Win32.Agent.Vibf
Cybereason	malicious.90cea7
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
APEX	Malicious
Avast	Win32:Malware-gen
DrWeb	Trojan.DownLoader15.57110
McAfee-GW-Edition	Artemis!Trojan
SentinelOne	Static AI – Suspicious PE
GData	Win32.Trojan.Agent.K3OVOD
Antiy-AVL	Trojan/Win32.SGeneric
Google	Detected
McAfee	Artemis!4E011557F306
Ikarus	Virus.ILCrypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	PossibleThreat
BitDefenderTheta	Gen:NN.ZemsilF.36348.Sn0@am5gGhh
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_60% (W)

How to remove OxyPumper.Adware.BrowserHijacker.DDS?

OxyPumper.Adware.BrowserHijacker.DDS removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X