UDS:Virus.Win32.Sality.g (file analysis)

The UDS:Virus.Win32.Sality.g is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What UDS:Virus.Win32.Sality.g virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine UDS:Virus.Win32.Sality.g?


File Info:
name: 385935282F095BD1DB43.mlw
path: /opt/CAPEv2/storage/binaries/b04d14c97edcc0728a5ff6c260c10ae388be8cb3fb04564c76fdeda7e020cf72
crc32: F9B3A59F
md5: 385935282f095bd1db438e08b6be5161
sha1: fd963480d049ac9fa409c517b3b13a17107d28da
sha256: b04d14c97edcc0728a5ff6c260c10ae388be8cb3fb04564c76fdeda7e020cf72
sha512: 5fd4795f46684f4094da562877267e5243d8537b95875ac9e217b64f8a6da3f912d84c9dbb45a04c2231e25564ca72f61b979a7365eb63146cb28b67f18a0d15
ssdeep: 768:M35Ha4qL9QQo8EwJbf6KwCNaHmlQHK23/pfYpahKvOTHnXSebMJXTkVb4GGM:M39a4qL9QQt6KTN8HB3GGYOTnXSe0+5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18AC32957A491C473C44A0E790E1986F7F237A4211F4A172FF7DE1A0EDE3B299583868E
sha3_384: c538d493e725fdd17e24b234d0ac4fbe6c6bd2d451be8eb43a3466e9e5f4ec4fc0f2def2e289a9618beee674c7d588ff
ep_bytes: 00000000000000000000000000000000
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

UDS:Virus.Win32.Sality.g also known as:

Bkav	W32.AIDetect.malware1
Lionic	Trojan.Win32.Sality.4!c
FireEye	Generic.mg.385935282f095bd1
CAT-QuickHeal	W32.SalityDll.G4
ALYac	Win32.Sality.H
Sangfor	Virus.Win32.Sality.g
CrowdStrike	win/malicious_confidence_70% (W)
Symantec	ML.Attribute.HighConfidence
Kaspersky	UDS:Virus.Win32.Sality.g
Avast	Win32:Sality-AV
DrWeb	Win32.HLLP.Sector.28332
McAfee-GW-Edition	Artemis!Virus
Sophos	Mal/Generic-S
APEX	Malicious
GData	Win32.Trojan.Agent.OBDPPY
Avira	W32/Sality.dll
Antiy-AVL	Trojan/Generic.ASMalwS.35209A7
Microsoft	Trojan:Win32/Sabsik.TE.B!ml
Cynet	Malicious (score: 100)
VBA32	Trojan.Sality.16109
Malwarebytes	MachineLearning/Anomalous.97%
Ikarus	Win32.Sality
Rising	Backdoor.KUKU!1.A155 (CLOUD)
AVG	Win32:Sality-AV

How to remove UDS:Virus.Win32.Sality.g?

UDS:Virus.Win32.Sality.g removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X