UDS:Worm.Win32.Yuner (file analysis)

UDS:Worm.Win32.Yuner is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the UDS:Worm.Win32.Yuner virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify UDS:Worm.Win32.Yuner?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-09-10 14:57:50

Version Info:

0: [No Data]

UDS:Worm.Win32.Yuner is also known as:

Bkav: W32.AIDetect.malware2
Lionic: Worm.Win32.Yuner.o!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.GenericKDZ.87593
McAfee: Artemis!70E5AF21732D
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (W)
Cyren: W32/Agent.ELT.gen!Eldorado
APEX: Malicious
Paloalto: generic.ml
Kaspersky: UDS:Worm.Win32.Yuner
BitDefender: Trojan.GenericKDZ.87593
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKDZ.87593
Emsisoft: Trojan.GenericKDZ.87593 (B)
TrendMicro: TROJ_GEN.R002C0WF222
McAfee-GW-Edition: BehavesLike.Win32.BadFile.dz
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.70e5af21732d6941
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Suspicious PE
GData: Win32.Trojan.PSE1.14A4YNC
Jiangmin: Worm.Yuner.d
Avira: HEUR/AGEN.1234339
Arcabit: Trojan.Generic.D15629
ZoneAlarm: UDS:Worm.Win32.Yuner
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Malware-gen.R490612
ALYac: Trojan.GenericKDZ.87593
MAX: malware (ai score=84)
Malwarebytes: Malware.AI.3281721048
TrendMicro-HouseCall: TROJ_GEN.R002C0WF222
Rising: Trojan.Generic@AI.100 (RDML:TZEr5HLkRlJzSKAj0yUqcw)
Ikarus: Worm.Win32.AutoIt
MaxSecure: Trojan.Malware.74173678.susgen
Fortinet: W32/ULPM.16C0!tr
AVG: Win32:Malware-gen
Cybereason: malicious.688571

How to remove UDS:Worm.Win32.Yuner?

UDS:Worm.Win32.Yuner removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
