Adware

SigAdware.IWININC removal

Malware Removal

The SigAdware.IWININC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What SigAdware.IWININC virus can do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Deletes its original binary from disk
  • Anomalous binary characteristics

Related domains:

dl.iwin.com

How to determine SigAdware.IWININC?



File Info:

crc32: A8322B25
md5: aec587a247647eba75dc32dbafcd674d
name: AEC587A247647EBA75DC32DBAFCD674D.mlw
sha1: 744b84c4c5f5cdb71378b6d620dcc0867675a5b3
sha256: dcd92f4e21e32848dea4157843e0063bcfd9252f2486b1a3f25bcc07049bb863
sha512: ae612d942da0594fc052a337c61878ca2bf05e483141dd282653b0a4b35e48e2537991559f7f6354a0f2277b71902e6d58bee7cee67fee6575415fc6046ebe23
ssdeep: 1536:FLXB65939tY6HBg4sXJSiwhKKS20Ub2nLnVQ1KxSmiwGOcVf2Uf7E2f:FLk395hYXJSiZKoHLnRx5i0YQ2f
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive


Version Info:

LegalCopyright: xa9 iWin inc.
FileVersion: 1.0.2.0
CompanyName: iWin inc.
ProductName: iWin Games
ProductVersion: 1.0.2.0
FileDescription: iWin Games Downloader
Translation: 0x0409 0x0000

SigAdware.IWININC also known as:

K7AntiVirusAdware ( 0054f14d1 )
K7GWAdware ( 0054f14d1 )
CyrenW32/Downware.X.gen!Eldorado
Kasperskynot-a-virus:HEUR:Downloader.Win32.Generic
AlibabaDownloader:Win32/SigAdware.39e9a974
SophosGeneric ML PUA (PUA)
AviraGAME/Downloader.Gen8
Antiy-AVLRiskWare[Downloader]/Win32.Agent.hdyt
ZoneAlarmnot-a-virus:HEUR:Downloader.Win32.Generic
CynetMalicious (score: 85)
VBA32SigAdware.IWININC
MalwarebytesPUP.Optional.IWin

How to remove SigAdware.IWININC?

SigAdware.IWININC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment