PUA.AgentIH.S26141605 malicious file

PUA.AgentIH.S26141605 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA.AgentIH.S26141605 virus do?

  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify PUA.AgentIH.S26141605?


File Info:

name: 58EAB30FE5034A8E7BB7.mlw
path: /opt/CAPEv2/storage/binaries/8ed1efc846481581d3da887e35cc81be2b8031107069822a681bfe0c26a22838
crc32: CDA323BC
md5: 58eab30fe5034a8e7bb78ad91665d7c7
sha1: 80424259f82f5ae3b659685492768d6f05c2145d
sha256: 8ed1efc846481581d3da887e35cc81be2b8031107069822a681bfe0c26a22838
sha512: 3a287e41c9795f0cb553f68812953273b496ee3b2ba7da6887327d99e8888c17f9746c0a43851ce2dc9abf3a5980f856bc36f05fd3b038fc9f8395f4bc967b6b
ssdeep: 49152:PWEnZpKSZCxf92wAciX0TJtmL4iNhH3yTktit1Nm8vm0T7zlxa3Bhd8X:PbhwAciXuJtg4iNByTnT63XdE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B7365D13B648913AD07F5B3648679554983FBE612E16CC5B27E83A4C8F3B6407B3AE07
sha3_384: 8195125c56478d53d1d6355b98428615257382682e05b7c1656647498adce4df5f1dd9755d4208fef3c7a64a76e31f49
ep_bytes: 558bec83c4e85333c08945ec8945e8b8
timestamp: 2021-09-29 09:45:18

Version Info:

0: [No Data]

PUA.AgentIH.S26141605 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.47246270
FireEye: Trojan.GenericKD.47246270
CAT-QuickHeal: PUA.AgentIH.S26141605
McAfee: GenericRXQG-BY!58EAB30FE503
Cylance: Unsafe
Zillya: Trojan.Duote.Win32.350
Sangfor: Adware.Win32.MiniPages.gen
K7AntiVirus: Trojan ( 00587c951 )
K7GW: Trojan ( 00587c951 )
Cyren: W32/Duote.F.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Duote.A
ClamAV: Win.Adware.Duote-9646690-0
Kaspersky: not-a-virus:HEUR:AdWare.Win32.MiniPages.gen
BitDefender: Trojan.GenericKD.47246270
Tencent: Pua:Adware.Win32.Minipages.16000144
Emsisoft: Trojan.GenericKD.47246270 (B)
TrendMicro: TROJ_GEN.R002C0PJC21
McAfee-GW-Edition: BehavesLike.Win32.Generic.rh
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Duote
Jiangmin: AdWare.MiniPages.ef
Antiy-AVL: Trojan/Generic.ASMalwS.34A58A8
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.MiniPages.gen
GData: Trojan.GenericKD.47246270
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.BY.R445562
VBA32: Adware.MiniPages
ALYac: Trojan.GenericKD.47246270
MAX: malware (ai score=84)
Malwarebytes: Malware.AI.2463582599
TrendMicro-HouseCall: TROJ_GEN.R002C0PJC21
Rising: Adware.Duote!1.D193 (CLOUD)
Fortinet: W32/Duote.A!tr
Panda: Trj/Genetic.gen
CrowdStrike: win/grayware_confidence_70% (D)

How to remove PUA.AgentIH.S26141605?

PUA.AgentIH.S26141605 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
