What is “PUP.Optional.ElectraWorks”?

PUP.Optional.ElectraWorks is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUP.Optional.ElectraWorks virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • HTTPS URLs from behavior.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the embedded PE malware family
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to identify PUP.Optional.ElectraWorks?


File Info:

name: F610C53BC6027FA947B2.mlw
path: /opt/CAPEv2/storage/binaries/a60eaa195310a419b6981b234938b9d5c2ca4e5daf3514455736848bfaeba561
crc32: 5D07A56A
md5: f610c53bc6027fa947b2198a20a1f9d8
sha1: 4597195d36c23d9c639f190225464740e3409ab4
sha256: a60eaa195310a419b6981b234938b9d5c2ca4e5daf3514455736848bfaeba561
sha512: f1409349f634ba849aecfe13d18b764fbab0c865d97220f4128ae4651dc158c3cc7b34a49608858b03c6f8c465927d869386e1907bd9e156d38687ec18c9dfef
ssdeep: 24576:hZehIeM02O/GldZehIegbUqeSPMTrJzgeoL2/JqDFHXFxU74y:hohIPohIvASiT/Jq51xIv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12F0512027BC4407BE9370170BD6EAB621A76AD7EA8B9630FD7503A0439F3B42456B717
sha3_384: f2b8b25667f29055b6bb6b216e7a04c811ace096dca5bca2ef4517bc78b5a9b321a7e0f9e3af2cc290d48e1b7013e6da
ep_bytes: 558bec6aff68f8604000685433400064
timestamp: 2012-12-13 16:15:23

Version Info:

0: [No Data]

PUP.Optional.ElectraWorks also known as:

Bkav: W32.AIDetectMalware
Zillya: Adware.LoadMoney.Win32.71252
K7GW: Adware ( 005a5df01 )
K7AntiVirus: Adware ( 005a5df01 )
ESET-NOD32: a variant of Win32/ElectraWorksLimited.A potentially unwanted
Paloalto: generic.ml
Kingsoft: malware.kb.a.981
VBA32: BScope.TrojanSpy.DOS
Malwarebytes: PUP.Optional.ElectraWorks
Rising: Trojan.Generic@AI.99 (RDML:xgWb27sC0CuqUaBkEaOSNg)
Ikarus: PUA.ElectraWorksLimited
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/ElectraWorksLimited
DeepInstinct: MALICIOUS

How to remove PUP.Optional.ElectraWorks?

PUP.Optional.ElectraWorks removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
