What is “PUABundler:Win32/Soft32Downloader”?

PUABundler:Win32/Soft32Downloader is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUABundler:Win32/Soft32Downloader virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • CAPE detected the embedded pe malware family
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify PUABundler:Win32/Soft32Downloader?


File Info:

name: 242FBCF99893C7E08276.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-12-05 22:50:52

Version Info:

0: [No Data]

PUABundler:Win32/Soft32Downloader also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.Generic.mzLM
ClamAV: Win.Trojan.Generic-9855872-0
FireEye: Generic.mg.242fbcf99893c7e0
CAT-QuickHeal: PUA.Wedownload1.Gen
Skyhigh: Artemis!PUP
McAfee: Artemis!242FBCF99893
Cylance: unsafe
Zillya: Adware.AgentCRT.Win32.28
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Unwanted-Program ( 00586e0e1 )
Alibaba: AdWare:MSIL/Generic.f2191392
K7GW: Unwanted-Program ( 00586e0e1 )
Cybereason: malicious.ed1651
VirIT: PUP.Win32.WeDownload.A
Symantec: SMG.Heur!gen
Elastic: malicious (high confidence)
ESET-NOD32: MSIL/Soft32Downloader.C potentially unwanted
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Ocna.gen
NANO-Antivirus: Trojan.Win32.Soft32Downloader.dwzawx
SUPERAntiSpyware: PUP.BundleInstaller/Variant
Avast: Win32:Downloader-TOV [PUP]
Emsisoft: Application.Downloader (A)
Baidu: Win32.Adware.iBryte.a
F-Secure: Program.APPL/Soft32Down.diq
DrWeb: Adware.Downware.10564
TrendMicro: TROJ_GEN.R002C0OLT23
Trapmine: malicious.moderate.ml.score
Sophos: Generic Reputation PUA (PUA)
Ikarus: PUA.MSIL.Soft32downloader
GData: Win32.Application.Soft32Downloader.A
Jiangmin: AdWare.Ocna.bzp
Google: Detected
Avira: APPL/Soft32Down.diq
Antiy-AVL: Trojan[Downloader]/Win32.Agent.beao
Kingsoft: malware.kb.a.955
Xcitium: Application.MSIL.Soft32Downloader.C@6m1tz5
ViRobot: Adware.Soft32Downloader.607192.ACK
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.Ocna.gen
Microsoft: PUABundler:Win32/Soft32Downloader
Varist: W32/Soft32Download.F.gen!Eldorado
AhnLab-V3: Win-PUP/Soft32Downloader.X1404
Malwarebytes: Generic.Malware.AI.DDS
TrendMicro-HouseCall: TROJ_GEN.R002C0OLT23
Tencent: Adware.Win32.DL.d
Yandex: PUA.Soft32Downloader!LUx+zwfPL5o
SentinelOne: Static AI – Suspicious PE
MaxSecure: not-a-virus:Downloader.Agent.beao
Fortinet: Riskware/Soft32Downloader
AVG: Win32:Downloader-TOV [PUP]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_100% (W)

How to remove PUABundler:Win32/Soft32Downloader?

PUABundler:Win32/Soft32Downloader removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
