PUA

PUP.Optional.Wallpaper malicious file

Malware Removal

The PUP.Optional.Wallpaper is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What PUP.Optional.Wallpaper virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • HTTPS urls from behavior.
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings

How to determine PUP.Optional.Wallpaper?



File Info:

name: 6E43FB0546033A7A4CA5.mlw
path: /opt/CAPEv2/storage/binaries/dcd9bcebe726535a593526e3bb3ba4d3ce16e232e98d4ae4446ef9506b76689f
crc32: 5FAF4CB4
md5: 6e43fb0546033a7a4ca5921dcbd89e7a
sha1: 9d02cbe797f24bfa1bd2733970710b52ca81e6a8
sha256: dcd9bcebe726535a593526e3bb3ba4d3ce16e232e98d4ae4446ef9506b76689f
sha512: 27363df408b3fd2ffc60c27bcebb1fc04ec6ab895a893843af9d7f94b2dd425feab755a407c8d1da43d7472076f74e35a2db058b8a9aa8ad92556db3742e6712
ssdeep: 98304:DZR0GPdokuxMcfJ4e9BmNvgRjQe3eTq1z5OaKzPHpfmqq/maxk9lFBkjxTsUulti:Dv0sOMcfB94vgRTeTvfqPx4bmNatod
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T138863381E3A7D0E9EC752638FC3319F25A979D69E784B8E300C57D1234356928A387E7
sha3_384: 3fd298718d21047ec1d3e2cee61319729de022de9ca014afcff0a39ccf95e9f3a421ecbeaa40c457d95137f034918d53
ep_bytes: 81ec8401000053565733db6801800000
timestamp: 2018-01-30 03:57:45


Version Info:

CompanyName: WallpaperSuite
FileVersion: 1.0.0.1
OriginalFilename: WallpaperSuiteInstaller.exe
ProductName: WallpaperSuiteInstaller
ProductVersion: 1.0.0.1
Translation: 0x040c 0x04e4

PUP.Optional.Wallpaper also known as:

LionicTrojan.Win32.RegRun.4!e
FireEyeGeneric.mg.6e43fb0546033a7a
McAfeeArtemis!6E43FB054603
CylanceUnsafe
CyrenW32/Adware.R.gen!Eldorado
ESET-NOD32a variant of Win32/WallpaperHD.A potentially unwanted
TrendMicro-HouseCallPUA.Win32.WallpaperHD.AC
RisingMalware.Heuristic!ET#90% (RDMK:cmRtazri83h2k3O4utmZMA+uWSPz)
TrendMicroPUA.Win32.WallpaperHD.AC
McAfee-GW-EditionBehavesLike.Win32.Generic.wc
SophosGeneric ML PUA (PUA)
VBA32BScope.Trojan.Wacatac
MalwarebytesPUP.Optional.Wallpaper
APEXMalicious
SentinelOneStatic AI – Suspicious PE
MaxSecureTrojan.Malware.11973.susgen
CrowdStrikewin/malicious_confidence_60% (D)

How to remove PUP.Optional.Wallpaper?

PUP.Optional.Wallpaper removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment