PUA

PUP.Optional.Syncopate information

Malware Removal

The PUP.Optional.Syncopate is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What PUP.Optional.Syncopate virus can do?

  • Presents an Authenticode digital signature
  • A process attempted to delay the analysis task.
  • Attempts to connect to a dead IP:Port (7 unique times)
  • Reads data out of its own binary image
  • Performs some HTTP requests
  • Unconventionial binary language: Russian
  • Unconventionial language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Attempts to create or modify system certificates
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
gnlogin.ru
a.tomx.xyz
apps.identrust.com
crl.identrust.com
x1.c.lencr.org
r3.o.lencr.org
gnapi.com
ocsp.godaddy.com
fs0.gamenet.ru

How to determine PUP.Optional.Syncopate?


File Info:

crc32: C5FA35A8
md5: a40da95ef3b4ac51b8afa84bb45d617f
name: A40DA95EF3B4AC51B8AFA84BB45D617F.mlw
sha1: 55bcaf482651fbfc0d329c4aea5e2d95db701e28
sha256: 25199f40e181c8893461d628e691bb9e61f980dd5de5dc26752a9cf4f0dfc891
sha512: b00204877236c974eeab9ac58d3542f19ccf8e3a8f459cf7d3ab25c637c7a4c135e9fd0a5a32dd73972c51dfe861f0f184d3259cef39643a2dbce75a10eb2ee1
ssdeep: 12288:jJfn9d2yFOpE0LCihZgqQZH6l2WiKhp68:dfn9d2yME0+izgNZHiikp68
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright(c) 2010 - 2015
InternalName: Reborn
FileVersion: 1,0,1012,dc6ff9ab77ea66f0b2877baa66b00c9066705f5d
CompanyName: Global Gamers Solutions Ltd. (c)
ProductName: Reborn game installer
ProductVersion: 1,0,1012,dc6ff9ab77ea66f0b2877baa66b00c9066705f5d
FileDescription: Reborn game installer
OriginalFilename: RebornInstaller.exe
Translation: 0x0419 0x04b0

PUP.Optional.Syncopate also known as:

K7AntiVirusUnwanted-Program ( 0053edc31 )
CAT-QuickHealTrojan.MauvaiseRI.S5244592
CylanceUnsafe
ZillyaTrojan.Bublik.Win32.17657
CrowdStrikewin/malicious_confidence_100% (D)
K7GWUnwanted-Program ( 0053edc31 )
Cybereasonmalicious.82651f
CyrenW32/S-d505b73b!Eldorado
ESET-NOD32a variant of Win32/Syncopate.C potentially unsafe
CynetMalicious (score: 100)
Kasperskynot-a-virus:HEUR:Downloader.Win32.Generic
TencentMalware.Win32.Gencirc.10b8c990
SophosGeneric ML PUA (PUA)
ComodoTrojWare.Win32.Agent.KDV@4x3daa
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionBehavesLike.Win32.AdwareReklosoft.hh
FireEyeGeneric.mg.a40da95ef3b4ac51
SentinelOneStatic AI – Suspicious PE
JiangminTrojanDownloader.Generic.aiis
eGambitUnsafe.AI_Score_54%
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
AhnLab-V3PUP/Win32.Helper.R250104
VBA32Downloader.Soft32
MalwarebytesPUP.Optional.Syncopate
YandexTrojan.GenAsa!QWIqy0gswOQ
IkarusTrojan.SuspectCRC
MaxSecureDownloader.not-a-virus.WIN32.Downloader.Generic_193486
FortinetRiskware/Syncopate

How to remove PUP.Optional.Syncopate?

PUP.Optional.Syncopate removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment