Win32/Adware.AdAnti.D (file analysis)

Win32/Adware.AdAnti.D is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Adware.AdAnti.D virus do?

  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Win32/Adware.AdAnti.D?


File Info:

name: 507DFC4997A4F9C92883.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-12-16 00:50:53

Version Info:

Comments: Powered by HeiFei YunBiao XinXi KeJi YouXian GongSi
CompanyName: HeiFei YunBiao XinXi KeJi YouXian GongSi
FileDescription: 打印机大师
FileVersion: 1.0.0.15913
InternalName: 打印机大师
LegalCopyright: Copyright (C) 2020 HeiFei YunBiao XinXi KeJi YouXian GongSi. All rights reserved.
ProductName: 打印机大师
ProductVersion: 1.0.0.15913
Translation: 0x0804 0x04b0

Win32/Adware.AdAnti.D also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.47806969
FireEye: Trojan.GenericKD.47806969
ALYac: Trojan.GenericKD.47806969
Cylance: Unsafe
Zillya: Trojan.Inject.Win32.316629
Sangfor: Riskware.Win32.Wacapew.C
K7AntiVirus: Trojan ( 0056e5201 )
Alibaba: AdWare:Win32/Softcnapp.475
K7GW: Trojan ( 0056e5201 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Adware.AdAnti.D
Avast: Win32:DangerousSig [Trj]
Cynet: Malicious (score: 100)
BitDefender: Trojan.GenericKD.47806969
Tencent: Win32.Trojan.Generic.Stkn
Emsisoft: Trojan.GenericKD.47806969 (B)
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Sophos: Mal/Generic-S
Paloalto: generic.ml
GData: Trojan.GenericKD.47806969
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.TE.B!ml
AhnLab-V3: Trojan/Win.DangerousSig.R459763
McAfee: Artemis!507DFC4997A4
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.4293915722
Rising: Adware.Agent!1.CB5B (CLOUD)
Fortinet: Riskware/AdAnti
AVG: Win32:DangerousSig [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_80% (D)

How to remove Win32/Adware.AdAnti.D?

Win32/Adware.AdAnti.D removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
