Categories: PUA

PUA:Win32/SuperOptimizer information

The PUA:Win32/SuperOptimizer is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What PUA:Win32/SuperOptimizer virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the DridexV4 malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to determine PUA:Win32/SuperOptimizer?



File Info:

name: 1360D8FF7DE84CDDC4D9.mlwpath: /opt/CAPEv2/storage/binaries/927fa5fea13f8f3c28e307ffea127fb3511b32024349b39bbaee63fac8dcded7crc32: A0CEC493md5: 1360d8ff7de84cddc4d93b81c71cd23csha1: 05b7677d38dab4dd5b8baffa442e5118badf16c0sha256: 927fa5fea13f8f3c28e307ffea127fb3511b32024349b39bbaee63fac8dcded7sha512: 219fc4bbf3fe22a222ae89225936cec26bb261669d7ed4bc23751beaa0130a564c6f91737be9fd3440d66925574c49c144df788211b61d278685d48317976140ssdeep: 12288:GbYXjUDDaBhIkW0Gjgdnwo1yiVwHzpmGLbw8YW+Xr4SqEs1NSuh0NjEYk7euwdLi:Z6Sdk7c0RIlsvhnmyntype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1CEE45D3EE15BAF76DB0606FAA3E61C033EB217B95D12F857C8278CD52519B9204F12E1sha3_384: c1c966a8a5f03a1c02ac1e5ad9b4c3908ea277a616b11942ad0821918102daae5f67825670885bece2099a8a30eff417ep_bytes: 8935685040005554891d70504000893dtimestamp: 2017-12-13 06:08:28

Version Info:

InternalName: kbdLegalCopyright: © Microsoft Corporation. All rights reservFileDescription: Sami ExtendeFileVersion: 6.1.7600.1342(win7_rtm.090713-1255OriginalFilename: kbdsProductName: Microsoft® Windows® OperatProductVersion: 6.1.7600.1342CompanyName: Corporati Microsoft Translation: 0x0409 0x04b0

PUA:Win32/SuperOptimizer also known as:

Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Emotet.L!c
MicroWorld-eScan Gen:Variant.Graftor.552655
ClamAV Win.Trojan.Emotet-6400282-0
FireEye Generic.mg.1360d8ff7de84cdd
Skyhigh BehavesLike.Win32.Generic.jc
ALYac Backdoor.RAT.FlawedAmmyy
Cylance unsafe
Zillya Trojan.RA.Win32.156
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 00501d1e1 )
Alibaba Backdoor:Win32/RA-based.783c269b
K7GW Trojan ( 00501d1e1 )
Cybereason malicious.d38dab
BitDefenderTheta Gen:NN.ZexaF.36744.Pq0@aKgTJkfi
VirIT Backdoor.Win32.Wmites.A
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 Win32/RA-based.NFC
APEX Malicious
Cynet Malicious (score: 100)
Kaspersky Backdoor.Win32.RA-based.et
BitDefender Gen:Variant.Graftor.552655
NANO-Antivirus Trojan.Win32.Emotet.ewahee
Avast Win32:Malware-gen
Tencent Malware.Win32.Gencirc.13d35c9d
Emsisoft Gen:Variant.Graftor.552655 (B)
F-Secure Heuristic.HEUR/AGEN.1310248
DrWeb BackDoor.Siggen2.2200
VIPRE Gen:Variant.Graftor.552655
TrendMicro TSPY_EMOTET.SMD25
Trapmine suspicious.low.ml.score
Sophos Mal/EncPk-AOI
Ikarus Trojan.Win32.RA
GData Gen:Variant.Graftor.552655
Jiangmin Backdoor.RA-Based.av
Webroot W32.Trojan.Emotet
Google Detected
Avira HEUR/AGEN.1310248
Antiy-AVL Trojan/Win32.TSGeneric
Kingsoft malware.kb.a.995
Xcitium Malware@#3l1yjoohj50om
Arcabit Trojan.Graftor.D86ECF
ViRobot Trojan.Win32.S.FlawedAmmyy.679936
ZoneAlarm Backdoor.Win32.RA-based.et
Microsoft PUA:Win32/SuperOptimizer
AhnLab-V3 Malware/Win32.Generic.C2397666
McAfee Emotet-FIB!1360D8FF7DE8
VBA32 BScope.Trojan.Trickster
Malwarebytes Generic.Malware/Suspicious
Panda Trj/GdSda.A
TrendMicro-HouseCall TSPY_EMOTET.SMD25
Rising Backdoor.GraceWire!8.107E6 (TFE:2:AvV2W4wDjJT)
Yandex Trojan.GenAsa!ScG6dDwg6Zw
MaxSecure Trojan.Malware.11791268.susgen
Fortinet W32/Kryptik.GLMY!tr
AVG Win32:Malware-gen
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)

How to remove PUA:Win32/SuperOptimizer?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: kbdPUA:Win32/SuperOptimizer
3 months ago

Recent Posts

MSIL/GenKryptik.GXIZ information

The MSIL/GenKryptik.GXIZ is considered dangerous by lots of security experts. When this infection is active,…

1 week ago

Malware.AI.2789448175 (file analysis)

The Malware.AI.2789448175 is considered dangerous by lots of security experts. When this infection is active,…

1 week ago

Jalapeno.1878 removal instruction

The Jalapeno.1878 is considered dangerous by lots of security experts. When this infection is active,…

1 week ago

What is “Trojan.Heur3.LPT.YmKfaKBcBekib”?

The Trojan.Heur3.LPT.YmKfaKBcBekib is considered dangerous by lots of security experts. When this infection is active,…

1 week ago

How to remove “Worm.Win32.Vobfus.exmt”?

The Worm.Win32.Vobfus.exmt is considered dangerous by lots of security experts. When this infection is active,…

1 week ago

About “TrojanDownloader:Win32/Beebone.JO” infection

The TrojanDownloader:Win32/Beebone.JO is considered dangerous by lots of security experts. When this infection is active,…

1 week ago