Should I remove “UDS:Email-Worm.Win32.LovGate”?

UDS:Email-Worm.Win32.LovGate is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:Email-Worm.Win32.LovGate virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • Performs some HTTP requests
  • Looks up the external IP address
  • Steals private information from local Internet browsers
  • Attempts to identify installed AV products by installation directory
  • Harvests credentials from local FTP client software
  • Harvests information related to installed instant messenger clients
  • Harvests information related to installed mail clients
  • Attempts to create or modify system certificates
  • Anomalous binary characteristics

Related domains:

checkip.dyndns.org
freegeoip.app

How to identify UDS:Email-Worm.Win32.LovGate?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

UDS:Email-Worm.Win32.LovGate also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Cybereason: malicious.462ea3
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: UDS:Email-Worm.Win32.LovGate
Sophos: ML/PE-A
BitDefenderTheta: Gen:NN.ZexaF.34050.riZ@a4@rEfk
McAfee-GW-Edition: BehavesLike.Win32.VirRansom.dc
FireEye: Generic.mg.b2a809d842b4eff7
SentinelOne: Static AI – Malicious PE
Microsoft: Trojan:Win32/VirRansom.DM!MTB
McAfee: Artemis!B2A809D842B4
VBA32: BScope.Trojan-Dropper.Injector
Rising: Trojan.Generic@ML.84 (RDML:+CPj8uCTM2JlqvU5wWMt9g)
Fortinet: MSIL/SpyPSW.AVQ!tr
Paloalto: generic.ml
Qihoo-360: HEUR/QVM20.1.BCBF.Malware.Gen

How to remove UDS:Email-Worm.Win32.LovGate?

UDS:Email-Worm.Win32.LovGate removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
