Win32/Adware.MultiPlug.OT (file analysis)

Malware Removal

Many security experts consider Win32/Adware.MultiPlug.OT dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Adware.MultiPlug.OT virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Unconventional binary language: Hebrew
  • Unconventional language used in binary resources: Hebrew
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/Adware.MultiPlug.OT?


File Info:

name: F4225DDADD6EC655EAF1.mlw
path: /opt/CAPEv2/storage/binaries/357fd208e3dbbcf4a995b9ddfcf69c4eefa32d46f640328eea368c6ca7d7490b
crc32: A3CE8C9A
md5: f4225ddadd6ec655eaf1b0d49cf1c513
sha1: 415225afd800a0d4a6d99f465fce670ceb6fcf6f
sha256: 357fd208e3dbbcf4a995b9ddfcf69c4eefa32d46f640328eea368c6ca7d7490b
sha512: a1decaa9efad16694b5c56e159589f808f49ec6020d7cd1bd872620ae8684b2988b96db585df664a266187117ebcddb1d4254aaecdb884f3893a1b00a194f7e0
ssdeep: 6144:WhKJvcXt04+e/EWLIoRPWRdkkfMDtpV7MCHZ2c9sHeTBqC45DSilJ0wgtPxaTdoz:WSRFLS0XZVuIi9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10E64F500BBE68835F5F30BB2BCF696A549B9BC251B20D4DFA3889A8C19715C1D531B37
sha3_384: 4187c8d1e2f9bcd9f5e6337df1a4982a89f58dcb149bcbe4ba79ce85d8bb46ff509ec286a3e0ad6eea06e756a9509774
ep_bytes: e8a92d0000e9000000006a1468d09a43
timestamp: 2013-08-29 14:00:32

Version Info:

CompanyName: Setup
FileDescription: Setup
FileVersion: 1.0.0.1
InternalName: crxdrop.dll
LegalCopyright: Copyright (C) 2013
OriginalFilename: crxdrop.dll
ProductName: TODO:
ProductVersion: 1.0.0.1
Translation: 0x040d 0x04b0

Win32/Adware.MultiPlug.OT also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (moderate confidence)
Cylance: Unsafe
CrowdStrike: win/grayware_confidence_60% (W)
ESET-NOD32: a variant of Win32/Adware.MultiPlug.OT
SUPERAntiSpyware: Adware.MulitPlug/Variant
Tencent: Win32.Adware.Bp-bho.Jeco
FireEye: Generic.mg.f4225ddadd6ec655
Sophos: Generic PUA EB (PUA)
APEX: Malicious
Webroot: W32.Adware.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.1F3B038
Microsoft: PWS:Win32/Zbot!ml
MAX: malware (ai score=95)
Malwarebytes: Adware.MultiPlug
Rising: Trojan.Wacatac!8.10C01 (CLOUD)
Yandex: PUA.MultiPlug!pUpgw7IA0Wg
Ikarus: Trojan.SuspectCRC

How to remove Win32/Adware.MultiPlug.OT?

Win32/Adware.MultiPlug.OT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
