Virus.Win32.Senoval.a (file analysis)

The Virus.Win32.Senoval.a is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Virus.Win32.Senoval.a virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Virus.Win32.Senoval.a?


File Info:
name: 79B3C4DA301D3AF5811A.mlw
path: /opt/CAPEv2/storage/binaries/e2e04e7f51ca2991886ad91307384a38421afe12a7a295e7acd0a087c148ffd4
crc32: CA221945
md5: 79b3c4da301d3af5811ae322f0e65d76
sha1: bebe953482179556cc955f4540cdb6427f63a5d2
sha256: e2e04e7f51ca2991886ad91307384a38421afe12a7a295e7acd0a087c148ffd4
sha512: 70b7062552179c230f872c041c630b7316fc77a00db95c54c55be6fa26d003d096c09a3b0754422448ba7a3ed1af75ee761303e4cf7f7cab9b9f5c9dad7c3028
ssdeep: 12288:gy3fT7D2YH8JRp1BbkvWDukLetRChRDm:73fDHH8JRp1BbaWDukLW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BEB4AE067B908FBDF892C47B2A26731D2AA669120B11D3C7B7207B5CCD725DD8A3E351
sha3_384: 37e260aedf366ff46cd0f85635a260c7543734abbe9926f960da44730913f0510e70e1fdc2e1c34b0021e86c05e61a8d
ep_bytes: e80347fdffe96bfdffffcccccc53568b
timestamp: 2014-09-12 00:43:31

Version Info:
CompanyName: Adobe Systems Incorporated
FileDescription: Adobe PDF Broker Process for Internet Explorer
FileVersion: 11.0.9.29
InternalName: AcroBroker.exe
LegalCopyright: Copyright 1984-2012 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename: AcroBroker.exe
ProductName: Adobe PDF Broker Process for Internet Explorer
ProductVersion: 11.0.9.29
Translation: 0x0409 0x04e4

Virus.Win32.Senoval.a also known as:

Bkav	W32.AIDetectMalware
DrWeb	Win32.Beetle.2
Skyhigh	BehavesLike.Win32.Expiro.gc
McAfee	Artemis!79B3C4DA301D
Malwarebytes	Generic.Malware/Suspicious
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005ab4bf1 )
Alibaba	Trojan:Win32/Senoval.22e7e815
K7GW	Trojan ( 005ab4bf1 )
CrowdStrike	win/malicious_confidence_100% (D)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Patched.NKM
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Virus.Win32.Senoval.a
NANO-Antivirus	Virus.Win32.Gen-Crypt.ccnc
Avast	Win32:TrojanX-gen [Trj]
Tencent	Trojan.Win32.Pathced_ya.16001052
F-Secure	Trojan.TR/Patched.Gen
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.79b3c4da301d3af5
Sophos	W32/Patched-CD
Google	Detected
Avira	TR/Patched.Gen
Antiy-AVL	Trojan/Win32.Sabsik
ZoneAlarm	Virus.Win32.Senoval.a
Microsoft	Trojan:Win32/Wacatac.B!ml
Varist	W32/Patched.GQ1.gen!Eldorado
AhnLab-V3	Trojan/Win.Generic.C5485601
VBA32	BScope.TrojanDownloader.Emotet
Cylance	unsafe
Rising	Trojan.Generic@AI.100 (RDML:IrFnNwrZPYH6Yu9Vj195qQ)
Ikarus	Trojan.Win32.Patched
Fortinet	W32/Patched.IP!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Virus.Win32.Senoval.a?

Virus.Win32.Senoval.a removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X