PUP.Optional.DownTango information

PUP.Optional.DownTango is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the PUP.Optional.DownTango virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the shellcode patterns malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify PUP.Optional.DownTango?


File Info:

name: D3CD2222A0C165027930.mlw
path: /opt/CAPEv2/storage/binaries/9f276eeed8ab8696a18d784d361d277ff5fd0f15fcb2606529057b767c6118bb
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-07-09 13:41:29

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Downtango Setup
FileVersion: 4.3
LegalCopyright: Copyright (c) 2012, www.simplytech.com
ProductName: Downtango
ProductVersion: 4.3
Translation: 0x0000 0x04b0

PUP.Optional.DownTango also known as:

Bkav: W32.AIDetectMalware
Lionic: Riskware.Win32.Widdit.1!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.35250767
Skyhigh: Artemis
ALYac: Trojan.Generic.35250767
Sangfor: Adware.Win32.Agent.Vgra
K7AntiVirus: Unwanted-Program ( 005876111 )
BitDefender: Trojan.Generic.35250767
K7GW: Unwanted-Program ( 005876111 )
CrowdStrike: win/grayware_confidence_100% (W)
VirIT: PUP.Win32.SimplyTech.A
Symantec: SMG.Heur!gen
ESET-NOD32: a variant of Win32/Toolbar.Widdit.A potentially unwanted
APEX: Malicious
Kaspersky: not-a-virus:WebToolbar.Win32.Agent.cal
NANO-Antivirus: Riskware.Win32.Widdit.ezawnw
SUPERAntiSpyware: PUP.DownTango/Variant
Avast: Win32:MiscX-gen [PUP]
Rising: Adware.Agent!1.F378 (CLASSIC)
Emsisoft: Application.Toolbar (A)
F-Secure: PotentialRisk.PUA/Widdit.Gen
DrWeb: Adware.Toolbar.607
VIPRE: Trojan.Generic.35250767
TrendMicro: TROJ_GEN.R002C0OB624
FireEye: Trojan.Generic.35250767
Sophos: Generic Reputation PUA (PUA)
MAX: malware (ai score=81)
Webroot: W32.Malware.Gen
Google: Detected
Avira: PUA/Widdit.Gen
Microsoft: PUA:Win32/Widdit
Arcabit: Trojan.Generic.D219E24F
ZoneAlarm: not-a-virus:WebToolbar.Win32.Agent.cal
GData: Win32.Application.SimplyTech.A
Cynet: Malicious (score: 99)
McAfee: Artemis!D3CD2222A0C1
VBA32: Downloader.MSIL.gen.rexp
Malwarebytes: PUP.Optional.DownTango
TrendMicro-HouseCall: TROJ_GEN.R002C0OB624
Ikarus: PUA.SimplyTech
MaxSecure: not-a-virus:.WebToolbar.FirstFloor.a
Fortinet: Riskware/Widdit
AVG: Win32:MiscX-gen [PUP]
DeepInstinct: MALICIOUS

How to remove PUP.Optional.DownTango?

PUP.Optional.DownTango removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
