RiskTool.Win32.FlyStudio.cyub malicious file

RiskTool.Win32.FlyStudio.cyub is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the RiskTool.Win32.FlyStudio.cyub virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Binary file triggered YARA rule
  • Yara detections observed in process dumps, payloads or dropped files

How to identify RiskTool.Win32.FlyStudio.cyub?


File Info:

name: 664489B256CD6198CFCC.mlw
path: /opt/CAPEv2/storage/binaries/db6152660051c37ee38335bde1352d11c8245ba4c2442180b2172f8079672286
crc32: 6C308AC7
md5: 664489b256cd6198cfcc830c21666228
sha1: 86005aa79daaae7de487b8464088f0c16592aaa0
sha256: db6152660051c37ee38335bde1352d11c8245ba4c2442180b2172f8079672286
sha512: 7979ab2e3fdb086376a99c7ab7b0eac34703161a12b3718ada59a26ba7f32663bccce9aa5cd06c97ff40000c20309ad2f3d797e28a561393d9fa714eaf3a6249
ssdeep: 98304:KGbsdkv1liA8Qvx14hRyhNAVDRFgGX5wK0Nny:pbtirex1EIWVDXpwK0Nn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FE0633E3A94D079AD42B92B045320D650BB53CE404FA5AAE4AC0FA5FA4B353746FF40F
sha3_384: b295c63166d71d376d71e40a49f9de72e5378ae3c8f930d1bcfccfa3cd030e73db6ce6cb0f836466f7ab23b9af138412
ep_bytes: e951f2ccfffaf324f1c5a67b0f0cb03c
timestamp: 2021-08-21 14:18:01

Version Info:

FileVersion: 1.0.0.0
FileDescription: update
ProductName: update
ProductVersion: 1.0.0.0
CompanyName: update
LegalCopyright: update 版权所有
Comments: update
Translation: 0x0804 0x04b0

RiskTool.Win32.FlyStudio.cyub also known as:

Bkav: W32.AIDetectMalware
Lionic: Riskware.Win32.FlyStudio.1!c
tehtris: Generic.Malware
FireEye: Generic.mg.664489b256cd6198
Skyhigh: BehavesLike.Win32.Generic.wc
McAfee: Artemis!664489B256CD
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (D)
Alibaba: Packed:Win32/Vemply.39b0f3d5
K7GW: Unwanted-Program ( 0056626f1 )
K7AntiVirus: Unwanted-Program ( 0056626f1 )
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.VMProtect.ABO
APEX: Malicious
Kaspersky: not-a-virus:RiskTool.Win32.FlyStudio.cyub
Avast: FileRepMalware [Misc]
Tencent: Malware.Win32.Gencirc.11b8dad0
Sophos: Mal/VMProtBad-A
F-Secure: Trojan.TR/Black.Gen2
Trapmine: malicious.moderate.ml.score
Google: Detected
Avira: TR/Black.Gen2
Kingsoft: Win32.Troj.Undef.a
Microsoft: Trojan:Win32/Malgent
ZoneAlarm: not-a-virus:RiskTool.Win32.FlyStudio.cyub
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZexaF.36802.SB0@a4mB9gfb
Malwarebytes: Generic.Malware/Suspicious
Rising: Trojan.Generic@AI.98 (RDML:jXhiSnVhd1MWrM23+n+BuQ)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: FileRepMalware [Misc]
DeepInstinct: MALICIOUS
alibabacloud: Riskware:Win/Malgent

How to remove RiskTool.Win32.FlyStudio.cyub?

RiskTool.Win32.FlyStudio.cyub removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the appropriate browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.