Win32/Bundpil.CK removal

The Win32/Bundpil.CK is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Bundpil.CK virus can do?

Authenticode signature is invalid
Binary file triggered YARA rule
Yara detections observed in process dumps, payloads or dropped files

How to determine Win32/Bundpil.CK?


File Info:
name: 28D64027B6D116B723EC.mlw
path: /opt/CAPEv2/storage/binaries/f8568ccce7712194ca5ba2937efcb96a7fc53c1361f20ce8cd697e4b1b1a3fbc
crc32: 1221EA73
md5: 28d64027b6d116b723ec99a4f677d307
sha1: c6ddb1d10fe035a85f9c4f7ddf6bc590db16b27c
sha256: f8568ccce7712194ca5ba2937efcb96a7fc53c1361f20ce8cd697e4b1b1a3fbc
sha512: 7b87d9674b3fdb0fa49ee8c058241d40474c5d2a71afd2db935e30da38e9cc9300eb51b11735f34dae017b1085585d15156dc42b5930ebd47d2dd2cd2d23c423
ssdeep: 48:iU0tg+McKBQLrhWHR0ciIsiQlP5PMDQHpyuLv6ouhq:2M4rw0vI/lXhq
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T11481533543C35A71D08C02397EFF6DDC42AD9F15036206CF8A8A04620D253CA7EB2E16
sha3_384: da7ab72e4cd0f654a7bb946020d0b0082a4eb6abac3c1d35a31caffd12641da5cbddf902abd0779988fc246e6e41a83e
ep_bytes: 558bec518b450c8945fc837dfc017402
timestamp: 2013-07-12 22:53:33

Version Info:
0: [No Data]

Win32/Bundpil.CK also known as:

Bkav	W32.FamVT.DebrisA.Worm
AVG	Win32:Sg-F [Trj]
Elastic	malicious (high confidence)
DrWeb	BackDoor.Andromeda.178
MicroWorld-eScan	Gen:Variant.Jaik.157032
FireEye	Generic.mg.28d64027b6d116b7
CAT-QuickHeal	Trojan.Agent.WL
Skyhigh	Downloader-FOB!28D64027B6D1
McAfee	Downloader-FOB!28D64027B6D1
Malwarebytes	Bundpil.Worm.AutoRun.DDS
Zillya	Worm.BundpilGen.Win32.1
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	EmailWorm ( 0040f50c1 )
K7GW	Trojan ( 0045a1fd1 )
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	Trojan.Jaik.D26568
BitDefenderTheta	Gen:NN.ZedlaF.36802.aq4@aiTLCTb
VirIT	Trojan.Win32.Generic.BCQO
Symantec	W32.Dromedan
ESET-NOD32	a variant of Win32/Bundpil.CK
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Worm.Gamarue-6803704-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Jaik.157032
NANO-Antivirus	Trojan.Win32.Andromeda.cqkyah
Avast	Win32:Sg-F [Trj]
Tencent	Worm.Win32.Debris.b
Emsisoft	Gen:Variant.Jaik.157032 (B)
F-Secure	Worm.WORM/Gamarue.409654
Baidu	Win32.Worm.Agent.q
VIPRE	Gen:Variant.Jaik.157032
TrendMicro	WORM_GAMARUE.SMF
Sophos	W32/Gamarue-BJ
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan/Generic.ayraq
Webroot	W32.Trojan.Gen
Varist	W32/Csyr.C.gen!Eldorado
Avira	WORM/Gamarue.409654
MAX	malware (ai score=82)
Antiy-AVL	Worm/Win32.Debris
Kingsoft	malware.kb.a.997
Xcitium	Worm.Win32.Bundpil.BL@4zjaeb
Microsoft	Worm:Win32/Gamarue.AB
ViRobot	Trojan.Win32.Agent.Gen.D
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Jaik.157032
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.R74794
Acronis	suspicious
VBA32	Worm.Debris
ALYac	Gen:Variant.Jaik.157032
TACHYON	Trojan/W32.Agent.4096.MY
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	WORM_GAMARUE.SMF
Rising	Worm.Gamarue!1.9CC6 (CLASSIC)
Yandex	Trojan.GenAsa!uUbciYstU9Q
Ikarus	Worm.Win32.Gamarue
MaxSecure	Worm.Debris.Gen
Fortinet	W32/Bundpil.AA!tr
DeepInstinct	MALICIOUS
alibabacloud	Worm:Win/Gamarue.0cffbc56

How to remove Win32/Bundpil.CK?

Win32/Bundpil.CK removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X