Malware

SoftwareBundler:Win32/Prepscram removal

Malware Removal

The SoftwareBundler:Win32/Prepscram is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What SoftwareBundler:Win32/Prepscram virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Tries to suspend Cuckoo threads to prevent logging of malicious activity
  • Tries to unhook or modify Windows functions monitored by Cuckoo

How to determine SoftwareBundler:Win32/Prepscram?



File Info:

crc32: 2DF99228
md5: b574ab7ce34b75690caf662084f40be5
name: bbbt.exe
sha1: 2616b4a5e074d78fbb62fc0a67740efc5f4a9365
sha256: 49e1553a57bde52b97d708669a09dee54499c752db55107d55efd929b4ff9ab5
sha512: 1e81fcdb24d472ef3ccf274ac97ab1f5346ef48c51401310d56b7139f70e3b635bf1c458d65206d724f07f1fdfd61817ad48b605f0272b3ea41144e17afe6ce0
ssdeep: 49152:353Y8bYIYV7fUHSCWyFSU83BQK5KAoRSpSZhZSVjExK3PfcC:J3P9YFfUHShw81KADSZhZs/fc
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: x51b7x97f3x5b66x4e60x53c2x8003x8f85x52a9xff0cx62d2x7eddx76d7x5356 x7248x6743x6240x6709
FileVersion: 1.0.0.0
CompanyName: x51b7x97f3x5b66x4e60x53c2x8003x8f85x52a9xff0cx62d2x7eddx76d7x5356
Comments: x672cx7a0bx5e8fx4f7fx7528x6613x8bedx8a00x7f16x5199(http://www.eyuyan.com)
ProductName: x6613x8bedx8a00x7a0bx5e8f
ProductVersion: 1.0.0.0
FileDescription: x6613x8bedx8a00x7a0bx5e8f
Translation: 0x0804 0x04b0

SoftwareBundler:Win32/Prepscram also known as:

BkavHW32.Packed.
MicroWorld-eScanGen:Variant.Strictor.200324
CAT-QuickHealTrojan.IGENERIC
McAfeeArtemis!B574AB7CE34B
CylanceUnsafe
VIPRETrojan.Win32.Generic!BT
SangforMalware
K7AntiVirusAdware ( 004b8e1b1 )
BitDefenderGen:Variant.Strictor.200324
K7GWAdware ( 004b8e1b1 )
CrowdStrikewin/malicious_confidence_90% (W)
TrendMicroTROJ_GEN.R015C0RLJ19
F-ProtW32/S-d1e9242c!Eldorado
APEXMalicious
AvastWin32:Trojan-gen
GDataWin32.Application.PUPStudio.A
AlibabaPacked:Win32/VMProtect.69aa7e4a
NANO-AntivirusTrojan.Win32.Black.gmhrig
AegisLabTrojan.Win32.Strictor.4!c
RisingMalware.Heuristic!ET#98% (RDMK:cmRtazpfv7pF87BWT7CgHdzB8oMr)
Ad-AwareGen:Variant.Strictor.200324
SophosMal/VMProtBad-A
ComodoTrojWare.Win32.Agent.ISVQ@5mbonp
F-SecureTrojan.TR/Black.Gen2
ZillyaTrojan.VMProtect.Win32.14911
Invinceaheuristic
McAfee-GW-EditionBehavesLike.Win32.Generic.vc
Trapminemalicious.moderate.ml.score
FireEyeGeneric.mg.b574ab7ce34b7569
EmsisoftGen:Variant.Strictor.200324 (B)
IkarusPUA.Virbox
CyrenW32/S-d1e9242c!Eldorado
AviraTR/Black.Gen2
Antiy-AVLTrojan[Packed]/Win32.Vemply
Endgamemalicious (high confidence)
ArcabitTrojan.Strictor.D30E84
SUPERAntiSpywareTrojan.Agent/Gen-OnlineGames
MicrosoftSoftwareBundler:Win32/Prepscram
Acronissuspicious
BitDefenderThetaGen:NN.ZexaF.34090.dA0@a8wFFWfb
ALYacGen:Variant.Strictor.200324
MAXmalware (ai score=85)
ESET-NOD32a variant of Win32/Packed.VMProtect.ABO
TrendMicro-HouseCallTROJ_GEN.R015C0RLJ19
TencentWin32.Trojan.Suspicious.Pezc
SentinelOneDFI – Malicious PE
eGambitUnsafe.AI_Score_100%
FortinetRiskware/VMProtBad
AVGWin32:Trojan-gen
Cybereasonmalicious.5e074d
Paloaltogeneric.ml
MaxSecureTrojan.Malware.10672965.susgen

How to remove SoftwareBundler:Win32/Prepscram?

SoftwareBundler:Win32/Prepscram removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment