PUA.IcloaderPMF.S18499998 removal

PUA.IcloaderPMF.S18499998 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the PUA.IcloaderPMF.S18499998 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Queries information on disks, possibly for anti-virtualization
  • Detects the presence of Wine emulator via registry key
  • Checks the version of Bios, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system

Related domains:

static.16.249.201.195.clients.your-server.de

How to identify PUA.IcloaderPMF.S18499998?

File Info:

name: 91A4739F6EF34A2DC92972C649744209.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

ProductVersion: 15.0.26127.21
ProductName: AGComp.EXE
FileVersion: 15.0.26127.21
CompanyName: AGComp
Translation: 0x0409 0x04e3

PUA.IcloaderPMF.S18499998 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0053cb111 )
Lionic: Trojan.Win32.Ekstak.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.InstallCube.3723
MicroWorld-eScan: Application.Bundler.ICLoader.5.Gen
CAT-QuickHeal: PUA.IcloaderPMF.S18499998
ALYac: Application.Bundler.ICLoader.5.Gen
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1490694
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (D)
Alibaba: Trojan:Win32/Katusha.3b9c8b55
K7GW: Trojan ( 0053cb111 )
Cybereason: malicious.f6ef34
Cyren: W32/ICLoader.BM.gen!Eldorado
Symantec: PUA.ICLoader
ESET-NOD32: a variant of Win32/Kryptik.GKWT
APEX: Malicious
Avast: Win32:AdwareSig [Adw]
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Application.Bundler.ICLoader.5.Gen
NANO-Antivirus: Trojan.Win32.Katusha.fhymqz
Tencent: Malware.Win32.Gencirc.10cc561d
Ad-Aware: Application.Bundler.ICLoader.5.Gen
Sophos: Generic PUA EN (PUA)
Comodo: Application.Win32.ICLoader.GS@84429a
McAfee-GW-Edition: Packed-FMV!91A4739F6EF3
FireEye: Generic.mg.91a4739f6ef34a2d
Emsisoft: Application.FileTour (A)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.cznax
Avira: TR/ICLoader.Gen8
eGambit: Unsafe.AI_Score_100%
Antiy-AVL: Trojan/Generic.ASMalwS.281305A
Microsoft: PUADlManager:Win32/InstallCube
ZoneAlarm: HEUR:Packed.Win32.Katusha.gen
GData: Application.Bundler.ICLoader.5.Gen
AhnLab-V3: PUP/Win32.Agent.R237627
Acronis: suspicious
McAfee: Packed-FMV!91A4739F6EF3
MAX: malware (ai score=99)
VBA32: BScope.Trojan.InstallCube
Malwarebytes: Adware.ICLoader
Panda: Trj/Genetic.gen
Rising: Trojan.Kryptik!1.AA23 (CLASSIC)
Yandex: Trojan.GenAsa!opwZz/KtwSg
Ikarus: PUA.FileTour
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/CoinMiner.GYQC!tr
AVG: Win32:AdwareSig [Adw]
Paloalto: generic.ml

How to remove PUA.IcloaderPMF.S18499998?

PUA.IcloaderPMF.S18499998 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.