About “RiskWare.BadJoke” infection

The RiskWare.BadJoke is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What RiskWare.BadJoke virus can do?

Unconventionial language used in binary resources: Polish
The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine RiskWare.BadJoke?


File Info:
crc32: 68A2BC69
md5: 1205bfebec8d591b9968cb4c860b1e1b
name: 1205BFEBEC8D591B9968CB4C860B1E1B.mlw
sha1: f01aae99da3ffb03552a33544dd767e241ea30f4
sha256: b9e95b5be5ed858eea45dfd3715b583d09a369c0fc8753a3e5db24cf61d9284c
sha512: d8388b7c497a5bef21590b8daa2a8c72563b77809d7102e16f35a0a992dd6c7c4a75cb196184e930536803f7beaa5b741ea947559c6d7dc94b1ff0ace3538ffb
ssdeep: 3072:nvGyYiSDnt1m5GWp1icKAArDZz4N9GhbkrNEkuCK3yJbsk8ANE7cRxoYZ2nL2nK:p4Qp0yN90QE2Gk3DElninKh6
type: PE32+ executable (GUI) x86-64, for MS Windows

Version Info:
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: Wextract                
FileVersion: 11.00.17763.1 (WinBuild.160101.0800)
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
ProductVersion: 11.00.17763.1
FileDescription: Win32 Cabinet Self-Extractor                                           
OriginalFilename: WEXTRACT.EXE            .MUI
Translation: 0x0409 0x04b0

RiskWare.BadJoke also known as:

K7AntiVirus	Trojan ( 0057aa011 )
Cylance	Unsafe
Sangfor	Trojan.Win32.Dapato.ky
CrowdStrike	win/malicious_confidence_80% (W)
Alibaba	Trojan:Win64/BadJoke.0d5d230d
K7GW	Trojan ( 0057aa011 )
Cybereason	malicious.9da3ff
Symantec	Trojan.Gen.MBT
ESET-NOD32	MSIL/BadJoke.WU
APEX	Malicious
Avast	Win64:Trojan-gen
Kaspersky	UDS:Trojan-Dropper.Win32.Dapato
Sophos	Mal/Generic-S
McAfee-GW-Edition	Artemis!Trojan
Microsoft	Trojan:Win32/Wacatac.B!ml
AegisLab	Trojan.Win32.Blocker.j!c
AhnLab-V3	Malware/Win.Generic.C4451103
McAfee	Artemis!1205BFEBEC8D
Malwarebytes	RiskWare.BadJoke
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/BadJoke.WU!tr
AVG	Win64:Trojan-gen
Paloalto	generic.ml

How to remove RiskWare.BadJoke?

RiskWare.BadJoke removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X