PUABundler:Win32/MediaGet removal guide

The PUABundler:Win32/MediaGet is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What PUABundler:Win32/MediaGet virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine PUABundler:Win32/MediaGet?


File Info:
name: 5409BA233AAF8A78C797.mlw
path: /opt/CAPEv2/storage/binaries/8b4b155f8b2de77a6a959b10fad3ff75dd726542de2f64b2c3c7439ebc984e50
crc32: B7E2B204
md5: 5409ba233aaf8a78c797d3cc0da51699
sha1: f4b8a9b63dc3a732171f99d4711367455caf67bf
sha256: 8b4b155f8b2de77a6a959b10fad3ff75dd726542de2f64b2c3c7439ebc984e50
sha512: 21b489057ec776cf39c6b654e7d5b56aaedb7f0df399b878d864fd847ccf520ce0223dbb90fb68d8c6c84b579f01a0d6f6da6c47402c49fe82d5e505801eb607
ssdeep: 49152:soHhhYfv8XAWnEp2222222222222222222222222222222z3mXgO:RHhhYfCKvXgO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T113856A219EC7817FD87A07BEB9698A7A211BE12037C651C3D3D4892A59A7FD13DF7002
sha3_384: 7bb717ece4a7342a1c3b47372500f30087607e0772929b5a90c47f3a5ce0a2673f9a3f287e45429b7f85be98c70843f0
ep_bytes: ff157c72480083f87875cf893530304a
timestamp: 2011-11-09 14:58:28

Version Info:
0: [No Data]

PUABundler:Win32/MediaGet also known as:

Bkav	W32.AIDetectMalware
Skyhigh	BehavesLike.Win32.Generic.th
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 004bcce41 )
K7GW	Trojan ( 004bcce41 )
CrowdStrike	win/malicious_confidence_90% (D)
BitDefenderTheta	Gen:NN.ZexaE.36792.XnZ@ai67skd
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
APEX	Malicious
Cynet	Malicious (score: 100)
FireEye	Generic.mg.5409ba233aaf8a78
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Suspicious PE
Google	Detected
Microsoft	PUABundler:Win32/MediaGet
Varist	W32/MediaGet.A.gen!Eldorado
Cylance	unsafe
MaxSecure	Trojan.Malware.300983.susgen
DeepInstinct	MALICIOUS

How to remove PUABundler:Win32/MediaGet?

PUABundler:Win32/MediaGet removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X