Win32/GameHack.BOI potentially unsafe malicious file

Win32/GameHack.BOI potentially unsafe is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/GameHack.BOI potentially unsafe virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Win32/GameHack.BOI potentially unsafe?


File Info:

name: B9E6E722CFBCBA078289.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-12-29 17:30:54

Version Info:

FileDescription: M2Bob
FileVersion: 1.0.0.1478
LegalCopyright: © M2Bob-Team
OriginalFilename: M2Bob.exe
ProgramID: M2Bob
ProductName: M2Bob
ProductVersion: 1.0.0.0
Translation: 0x0409 0x04e4

Win32/GameHack.BOI potentially unsafe is also known as:

Bkav: W32.AIDetect.malware2
FireEye: Generic.mg.b9e6e722cfbcba07
Cylance: Unsafe
K7AntiVirus: Unwanted-Program ( 00513be91 )
K7GW: Unwanted-Program ( 00513be91 )
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GameHack.BOI potentially unsafe
APEX: Malicious
Paloalto: generic.ml
Kaspersky: UDS:DangerousObject.Multi.Generic
SUPERAntiSpyware: Adware.Graftor/Variant
Comodo: Malware@#1zbzu0vly3bur
McAfee-GW-Edition: BehavesLike.Win32.Sytro.pc
Sophos: Generic PUA HO (PUA)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Trojan.GenKD
Antiy-AVL: Trojan/Generic.ASMalwS.2A17134
Microsoft: Trojan:Win32/Occamy.C
AhnLab-V3: Malware/Gen.Generic.C1912317
McAfee: Artemis!B9E6E722CFBC
Rising: Trojan.Wacatac!8.10C01 (CLOUD)
MaxSecure: Trojan.Malware.1728101.susgen
Fortinet: W32/GameHack.BOI
BitDefenderTheta: Gen:NN.ZexaF.34606.cO0ba08qG@ii
Panda: Trj/Genetic.gen
CrowdStrike: win/grayware_confidence_70% (W)

How to remove Win32/GameHack.BOI potentially unsafe?

Win32/GameHack.BOI potentially unsafe removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.