About “W32.Otwyacal.A” infection

The W32.Otwyacal.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What W32.Otwyacal.A virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine W32.Otwyacal.A?


File Info:
name: C38E46752B40804272C3.mlw
path: /opt/CAPEv2/storage/binaries/2433253f11b814b35b42497daffbb6ea438019a62feabe9af7054735159ef21a
crc32: 55E1B9A4
md5: c38e46752b40804272c361f47c8da49a
sha1: 164b25d0837168a9b271d7844b9263902f65daaf
sha256: 2433253f11b814b35b42497daffbb6ea438019a62feabe9af7054735159ef21a
sha512: 64ac110109fdd836655b91287e1e0d2dc717a1688b8e836dd42ce343c49301f3d5c99dd5455df015c2a3ccaea881282c715781617fdc5a7b00072cc39c1c55dc
ssdeep: 768:XwSDJJlaxg5N/RxK88JjY/i/KkRBYRZcPPphxVh+CEA:gSVHaxgzwjY/3kPYzcPBGCEA
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T100037C1A7991E037D8C342B041A6C71ADF77762025F54293A7B415AEAE63790BF2730F
sha3_384: c78c55cc11241e91c42629dd772b8cc18e9ee27479feab151662df7d8dad8ae964b3b7348972e19d7592f24b0fe2e54e
ep_bytes: e94949ffff0202003082149106092a86
timestamp: 2003-06-04 22:54:22

Version Info:
CompanyName: Autodesk, Inc.
FileDescription: slidelib
FileVersion: 16.1.0.14
InternalName: slidelib
LegalCopyright: Copyright (c) 1982-2003 by Autodesk, Inc.
OriginalFilename: slidelib.exe
ProductName: slidelib.exe
ProductVersion: 16.1.0.14
Translation: 0x0409 0x04b0

W32.Otwyacal.A also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Trojan.GenericKD.69034850
FireEye	Trojan.GenericKD.69034850
CAT-QuickHeal	W32.Otwyacal.A
McAfee	Artemis!C38E46752B40
Malwarebytes	Malware.Heuristic.1003
Elastic	malicious (high confidence)
APEX	Malicious
BitDefender	Trojan.GenericKD.69034850
Avast	Win32:Malware-gen
Emsisoft	Trojan.GenericKD.69034850 (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
VIPRE	Trojan.GenericKD.69034850
McAfee-GW-Edition	BehavesLike.Win32.Sality.nh
Ikarus	Trojan.Crypt
GData	Trojan.GenericKD.69034850
Jiangmin	Trojan/Krament.aj
Google	Detected
Avira	TR/Crypt.XPACK.Gen
Antiy-AVL	Trojan/Win32.Wacatac
Kingsoft	malware.kb.a.939
Arcabit	Trojan.Generic.D41D6362
Microsoft	Program:Win32/Wacapew.C!ml
Cynet	Malicious (score: 99)
ALYac	Trojan.GenericKD.69034850
MAX	malware (ai score=84)
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H09HV23
Rising	Trojan.Win32.Generic.1573F3F5 (C64:YzY0Op/9Y83UNHm1)
SentinelOne	Static AI – Suspicious PE
Fortinet	Malicious_Behavior.SB
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove W32.Otwyacal.A?

W32.Otwyacal.A removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X