PUA

PUA.StormserRI.S28491914 (file analysis)

Malware Removal

PUA.StormserRI.S28491914 is flagged as malicious by the large majority of the anti-virus engines listed below. While the sample is running, you may notice unfamiliar processes in the Task Manager list. In that case, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware manually may take hours and may damage the system in the process. We recommend using GridinSoft Anti-Malware for removal; it can fully scan and clean your PC during the trial period. A 6-day free trial is available.

What can PUA.StormserRI.S28491914 do?

Behaviour recorded by the CAPEv2 sandbox for this sample (the storage path under File Info is a CAPEv2 binaries directory):

  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk (typically self-deletion of the dropper, which hinders later recovery of the original file)
  • Uses suspicious command line tools or Windows utilities

How to identify PUA.StormserRI.S28491914?

File Info:

name: DC2DF66702698EC9B39F.mlw
path: /opt/CAPEv2/storage/binaries/df7338128ba19247c86c33f7df19890e95ebcadba8555466caaccd31f43dc527
crc32: 88D1139D
md5: dc2df66702698ec9b39f3d71b6768510
sha1: 01e6a8c0c9feb62e6bf4213b884c101dbbccd942
sha256: df7338128ba19247c86c33f7df19890e95ebcadba8555466caaccd31f43dc527
sha512: a643b275a7e9fd52a1078a571781010dd88dca0976515eb7a45aa8e61a534551dc6a35297ae8ea999cfda8b22da51cf547ae816b241a5c07ef433fef74851e00
ssdeep: 192:ubOzawOs81elJHsc45CcRZOqtShcWaOT2QLrCqwiY04/CFxyNhoy5tH:ubLwOs8AHsc4sMtwhKQLroY4/CFsrdH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T132933A427A9B78E3EE4111303CEE46F4956EDDDC710DBA9E6A70CB14023E153972A1EB
sha3_384: 8630afdb75d4346cdf678dda5ec91f0573060dd4862037c0bb04e7caeb9ea1bb341222339302a61362159b04bbf5f443
ep_bytes: 558bec6aff6898314000683026400064
timestamp: 2010-07-31 11:55:58
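As an added example (not GridinSoft's or CAPE's code), the Python script below reproduces the static checks behind the behaviour list and the File Info above: it matches a file against the listed md5/sha1/sha256/crc32 values, reads the PE link timestamp and the 16 entry-point bytes, flags section names a normal linker would not emit (the "unknown PE section name" indicator) and reports whether an Authenticode certificate table is present at all. Presence is not validity: confirming that a signature actually verifies requires a verifier such as signtool or PowerShell's Get-AuthenticodeSignature. The KNOWN_SECTIONS set is a heuristic assumption, and the two PE files the script analyses are constructed in-line for the demonstration; they are not the real sample, so the IOC match is expected to fail on them.

```python
"""Static triage of a PE32 sample: IOC hash match, link timestamp, entry-point
bytes, non-standard section names and Authenticode certificate table presence.
Added example, standard library only; the sample PE is constructed in-line."""
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Hashes of the analysed sample, copied from the File Info block.
IOC = {
    "md5": "dc2df66702698ec9b39f3d71b6768510",
    "sha1": "01e6a8c0c9feb62e6bf4213b884c101dbbccd942",
    "sha256": "df7338128ba19247c86c33f7df19890e95ebcadba8555466caaccd31f43dc527",
    "crc32": "88D1139D",
}
# Section names the usual linkers emit (heuristic assumption); anything else is
# reported, the same idea as the "unknown PE section name" sandbox signature.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".pdata",
                  ".rsrc", ".reloc", ".bss", ".tls", ".CRT", ".textbss"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def hash_matches_ioc(data: bytes) -> bool:
    """True only if md5, sha1, sha256 and crc32 all equal the listed IOCs."""
    return (hashlib.md5(data).hexdigest() == IOC["md5"]
            and hashlib.sha1(data).hexdigest() == IOC["sha1"]
            and hashlib.sha256(data).hexdigest() == IOC["sha256"]
            and format(zlib.crc32(data) & 0xFFFFFFFF, "08X") == IOC["crc32"])


def parse_pe32(data: bytes) -> dict:
    """Read the PE32 headers needed for the triage fields."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10B) is handled here")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # PE32 data directories start at optional-header offset 96; entry 4 is the
    # certificate table (file offset, size). Size 0 means the file is unsigned.
    _, cert_size = struct.unpack_from("<II", data, opt + 96 + IMAGE_DIRECTORY_ENTRY_SECURITY * 8)
    sections = []
    for i in range(nsections):
        hdr = opt + opt_size + i * 40
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("latin-1")
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, hdr + 8)
        sections.append((name, vaddr, vsize, rawsize, rawptr))
    ep_bytes = b""
    for name, vaddr, vsize, rawsize, rawptr in sections:
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):  # map RVA to file offset
            ep_bytes = data[rawptr + entry_rva - vaddr:][:16]
            break
    return {
        "timestamp": datetime.fromtimestamp(timestamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": [s[0] for s in sections],
        "unknown_sections": [s[0] for s in sections if s[0] not in KNOWN_SECTIONS],
        "has_cert_table": cert_size > 0,
        "ep_bytes": ep_bytes.hex(),
    }


def build_sample_pe32(section_name: str, cert_table: bool) -> bytes:
    """Constructed minimal PE32 (512-byte headers, one 512-byte section); only its
    link timestamp and entry-point bytes are copied from the File Info above."""
    ts = int(datetime(2010, 7, 31, 11, 55, 58, tzinfo=timezone.utc).timestamp())
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                            # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, ts, 0, 0, 224, 0x0102)  # i386, one section
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                          # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)                        # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)                  # Section/File alignment
    struct.pack_into("<II", opt, 56, 0x2000, 0x200)                  # SizeOfImage/SizeOfHeaders
    struct.pack_into("<H", opt, 68, 2)                               # Subsystem: Windows GUI
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    if cert_table:  # security directory points at the dummy WIN_CERTIFICATE appended below
        struct.pack_into("<II", opt, 96 + IMAGE_DIRECTORY_ENTRY_SECURITY * 8, 0x400, 8)
    sec_hdr = struct.pack("<8sIIIIIIHHI", section_name.encode()[:8], 0x200, 0x1000,
                          0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = (dos + b"PE\0\0" + coff + opt + sec_hdr).ljust(0x200, b"\0")
    body = bytes.fromhex("558bec6aff6898314000683026400064").ljust(0x200, b"\0")
    cert = struct.pack("<IHH", 8, 0x0200, 0x0002) if cert_table else b""
    return bytes(headers) + body + cert


if __name__ == "__main__":
    for sample in (build_sample_pe32(".text", False), build_sample_pe32("UPX1", True)):
        print(parse_pe32(sample), "ioc match:", hash_matches_ioc(sample))
```

To run it against a real suspect file, read the file as bytes and pass it to hash_matches_ioc and parse_pe32; a match on all four hashes identifies this exact sample, while a timestamp of 2010-07-31 11:55:58 or the same entry-point bytes alone only suggests a related build.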

Version Info:

0: [No Data]

PUA.StormserRI.S28491914 is also known as (vendor: detection name):

Note that only CAT-QuickHeal classifies the sample as a PUA; most other engines label it a DDoS trojan or dropper of the StormAttack/Rincux family, so it should be treated as malware rather than merely unwanted software.

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Rincux.AW
FireEye: Generic.mg.dc2df66702698ec9
CAT-QuickHeal: PUA.StormserRI.S28491914
Skyhigh: BehavesLike.Win32.Generic.nz
ALYac: Trojan.Rincux.AW
Malwarebytes: Malware.AI.2681005475
VIPRE: Trojan.Rincux.AW
Sangfor: Suspicious.Win32.Save.ins
K7GW: Trojan ( 00073eb11 )
K7AntiVirus: Trojan ( 00073eb11 )
BitDefenderTheta: AI:Packer.8BDA6DD41E
VirIT: Trojan.Win32.Storm.GA
Symantec: SMG.Heur!gen
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.PIH
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-DDoS.Win32.StormAttack.a
BitDefender: Trojan.Rincux.AW
NANO-Antivirus: Trojan.Win32.StormAttack.fnqayj
SUPERAntiSpyware: Trojan.Agent/Gen-DDOS
Avast: Win32:Dropper-OYD [Drp]
Tencent: Trojan-Ddos.Win32.Stormattack.wa
Emsisoft: Trojan.Rincux.AW (B)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: DDoS.Storm.156
Zillya: Tool.StormAttackGen.Win32.1
Trapmine: malicious.high.ml.score
Sophos: Troj/Agent-BIXD
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDDoS.StormAttack.b
Webroot: W32.Trojan.Gen
Varist: W32/Agent.FHV.gen!Eldorado
Avira: TR/Dropper.Gen
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Win32.Agent.pih
Kingsoft: malware.kb.a.999
Xcitium: TrojWare.Win32.Magania.~AAC@f80ur
Arcabit: Trojan.Rincux.AW
ZoneAlarm: Trojan-DDoS.Win32.StormAttack.a
GData: Win32.Trojan.PSE.SHFS16
Google: Detected
AhnLab-V3: Trojan/Win.StormAttack.92820
Acronis: suspicious
VBA32: BScope.TrojanDDoS.StormAttack
TACHYON: Trojan/W32.StormAttack.94208
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Dropper.Agent!1.C6A3 (CLASSIC)
Ikarus: Trojan-Downloader.Win32.Pangu
Fortinet: W32/ServStart.AS!tr
AVG: Win32:Dropper-OYD [Drp]
DeepInstinct: MALICIOUS
alibabacloud: Trojan[dropper]:Win/Agent.ce7d26d3

How to remove PUA.StormserRI.S28491914?

PUA.StormserRI.S28491914 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Press “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.