UDS:Downloader.Win32.Gamini removal guide

UDS:Downloader.Win32.Gamini is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:Downloader.Win32.Gamini virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify UDS:Downloader.Win32.Gamini?

File Info:

name: A9C3A7FDF60EB4014C85.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-02-15 14:54:16

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: tuttop.com
FileDescription: Darkest Dungeon II Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: Darkest Dungeon II
ProductVersion: 1.04.59290
Translation: 0x0000 0x04b0

UDS:Downloader.Win32.Gamini also known as:

Elastic: malicious (high confidence)
DrWeb: Adware.Downware.20519
Skyhigh: BehavesLike.Win32.SuspiciousTrojan.vc
Cylance: unsafe
Symantec: PUA.Gen.2
ESET-NOD32: a variant of Win32/UniDL.C potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:UDS:Downloader.Win32.Gamini
Avast: FileRepMalware [Misc]
Trapmine: suspicious.low.ml.score
Sophos: Generic Reputation PUA (PUA)
Ikarus: Gen.MSIL.Krypt
Google: Detected
ZoneAlarm: not-a-virus:UDS:Downloader.Win32.Gamini
Microsoft: PUA:Win32/Caypnamer.A!ml
Malwarebytes: PUP.Optional.BundleInstaller.DDS
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: FileRepMalware [Misc]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_60% (D)

How to remove UDS:Downloader.Win32.Gamini?

UDS:Downloader.Win32.Gamini removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
