About “RiskTool.Win32.HideExec.bm” infection

RiskTool.Win32.HideExec.bm is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the RiskTool.Win32.HideExec.bm virus do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

How to identify RiskTool.Win32.HideExec.bm?


File Info:

crc32: 83CFA15D
md5: 62febb204f8b78411c08b60c76d4eb46
name: uclauncher_211.53.38.240_installer.exe
sha1: 4d1abc002bd580758a5fc7ec4aab26b742989d0c
sha256: ea1faf0f836dcea944c039edcd50474cd68930f3bf4c08ed4ea8ec6888c6b5d3
sha512: 3ba7f92f85c3b9e911dafee8d16e58cd331e1d408e74340d34fdb7fed37e8270911d04aa873c29ac3813d23220d9ad6a7c643ae9001a62176d4cdf9ea53c2f8a
ssdeep: 196608:LZBxMHLKy8AkDgYpx+GSW+LhoxhH693+p8n7sqTgdDym:9MHv3hoLS3+t6cym
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

0: [No Data]

RiskTool.Win32.HideExec.bm also known as:

Bkav: W32.AIDetectVM.malware2
Qihoo-360: Win32/Virus.RiskTool.039
Cylance: Unsafe
Cyren: W32/Trojan.HKXD-7151
Symantec: PUA.Gen.2
Kaspersky: not-a-virus:RiskTool.Win32.HideExec.bm
Alibaba: RiskWare:Win32/HideExec.5c62af96
Sophos: NirCmd (PUA)
ZoneAlarm: not-a-virus:RiskTool.Win32.HideExec.bm
Fortinet: Riskware/HideExec

How to remove RiskTool.Win32.HideExec.bm?

RiskTool.Win32.HideExec.bm removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
