Categories: Malware

Win32/CMDOW.143 potentially unsafe malicious file

The Win32/CMDOW.143 potentially unsafe is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/CMDOW.143 potentially unsafe virus can do?

Reads data out of its own binary image
Unconventionial language used in binary resources: Russian
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Win32/CMDOW.143 potentially unsafe?


File Info:
crc32: 56993B29md5: fc61a0ec102dbdbdc844897ba61d4520name: FC61A0EC102DBDBDC844897BA61D4520.mlwsha1: 1ca3272d2d86ad33b021976501322e2e6e12092asha256: c3b9173a4c1069b6b97248fbeb64a1a7b622852a6a91bda24472e9d4a6da162bsha512: 32126432730155bedcebf08aa48d344d82b4b9ef4a37adbae77477b73817d466eae7bec72c92a54a7d3a3c00ff0181e48622fa7238698a248bc638593a91851fssdeep: 6144:XZABbWqsE/Ao+mv8Qv0LVmwq4FU0fNoy6ordrMwboLeQVE2M366DfFYu6KiY:pANwRo+mv8QD4+0V16BwELesE66zFYuztype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Shenzhen Concord College                                                                            FileDescription: Kioskhelper with deamon 2.b Installation                    FileVersion: 2.b                 Comments: CompanyName: Shenzhen Concord College                                    Translation: 0x0409 0x04e4

Win32/CMDOW.143 potentially unsafe also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Unwanted-Program ( 004d38111 )
Lionic	Riskware.Win32.HideWindows.1!c
DrWeb	Tool.HideWindows.20
Cynet	Malicious (score: 100)
Cylance	Unsafe
Sangfor	Riskware.Win32.HideWindows.o
Alibaba	RiskWare:Win32/HideWindows.113b6491
K7GW	Unwanted-Program ( 004d38111 )
Cybereason	malicious.d2d86a
Cyren	W32/Hidewnd.ULJS-1120
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/CMDOW.143 potentially unsafe
APEX	Malicious
Avast	Win32:Dh-A [Heur]
Kaspersky	not-a-virus:RiskTool.Win32.HideWindows.o
NANO-Antivirus	Riskware.Win32.HideWindows.cqphlr
Sophos	Generic Reputation PUA (PUA)
McAfee-GW-Edition	Tool-HideWindow.a
FireEye	Generic.mg.fc61a0ec102dbdbd
SentinelOne	Static AI – Suspicious PE
Antiy-AVL	Trojan/Generic.ASMalwS.BC28
Microsoft	Trojan:Win32/Wacatac.B!ml
McAfee	Artemis!FC61A0EC102D
eGambit	Unsafe.AI_Score_99%
Fortinet	Riskware/HideWindows
AVG	Win32:Dh-A [Heur]
Qihoo-360	Win32/Trojan.Generic.HgIASZwA