UDS:HackTool.Win32.Cobalt malicious file

UDS:HackTool.Win32.Cobalt is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:HackTool.Win32.Cobalt virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Crashed cuckoomon during analysis. Report this error to the Github repo.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify UDS:HackTool.Win32.Cobalt?


File Info:

crc32: 85A0B350
md5: f22083e11a7c34c3ddd3726f65fb3939
name: F22083E11A7C34C3DDD3726F65FB3939.mlw
sha1: 1d529d5f0e330f5fc485699f3bc67c918619da67
sha256: 316f938abb63266eb410087f7f4b20e987cb9a8be1e385e95c420d96c9ac6f76
sha512: c27c2f82f574d0db400ca26ce7663d77c8d21a14a52ea7a35e37842d36e9f176fcf17357106a5050cb2d11de930ddddc8e6f2c09d9b3f63932e0b5ca3359102a
ssdeep: 6144:/61FoHY1j12PbimfGsE6m4FtWfAvpofL0tJ1PDi7wfaZwln/6kgUB9Z5Dr5kCvj:Zcj12PGYEgvIE9Di7orlikjOCvjbD0v
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2004
MIMEType: application/x-java-applet;version=1.2|application/x-java-bean;version=1.2|application/x-java-applet;version=1.1.3|application/x-java-bean;version=1.1.3|application/x-java-applet;version=1.1.2|application/x-java-bean;version=1.1.2
FileExtents: |||||
FileVersion: 5.0.60.5
Full Version: 1.5.0_06-b05
FileOpenName: Java Applet|JavaBeans|Java Applet|JavaBeans|Java Applet|JavaBeans
InternalName: Java(TM) Plug-in
ProductName: Java(TM) 2 Platform Standard Edition 5.0 Urdate 6
CompanyName: Sun Microsystems, Inc.
ProductVersion: 5.0.60.5
FileDescription: Java Plug-in 1.5.0_06 for Netscape Navigator (DLL Helper)
OriginalFilename: NPJava12.dll
Translation: 0x0409 0x04e4

UDS:HackTool.Win32.Cobalt also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005485311 )
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 005485311 )
Cybereason: malicious.f0e330
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: UDS:HackTool.Win32.Cobalt
Sophos: Generic PUA BN (PUA)
BitDefenderTheta: Gen:NN.ZexaF.34104.wu0@aqqJx7mP
McAfee-GW-Edition: BehavesLike.Win32.Drixed.fc
FireEye: Generic.mg.f22083e11a7c34c3
SentinelOne: Static AI – Malicious PE
Kingsoft: Win32.Heur.KVMH008.a.(kcloud)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Gridinsoft: Trojan.Heur!.02012021
Acronis: suspicious
McAfee: Artemis!F22083E11A7C
Malwarebytes: Malware.AI.3692191579
Rising: Trojan.Generic@ML.100 (RDML:ke+akOKrQlvfarIgmaf/YQ)
Paloalto: generic.ml

How to remove UDS:HackTool.Win32.Cobalt?

UDS:HackTool.Win32.Cobalt removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
