Win32/GameHack.CEF potentially unsafe removal instructions

Win32/GameHack.CEF potentially unsafe is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/GameHack.CEF potentially unsafe virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • A named pipe was used for inter-process communication
  • Starts servers listening on 127.0.0.1:0
  • Enumerates running processes
  • Reads data out of its own binary image
  • A HTTP/S link was seen in a script or command line
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)
  • Harvests cookies for information gathering

How to determine Win32/GameHack.CEF potentially unsafe?


File Info:

name: D520121A1140CE6DF9E0.mlw
path: /opt/CAPEv2/storage/binaries/b426261d57cdf1f9b9e8be46637f9122976b4d9f9e14e4e4d76b47587da555b1
crc32: 40B6E0FB
md5: d520121a1140ce6df9e0f7e58e9ef7de
sha1: 78e3c87df09eb553cc3aa16375f9ce17f63c79ba
sha256: b426261d57cdf1f9b9e8be46637f9122976b4d9f9e14e4e4d76b47587da555b1
sha512: ae2a8fbbb691a80c7ed5ca4d77ffe23d523ba5449313195e35add81af24d31386d2f08301334bf45d19a46a2a411162f9570b423e3ff00a523292107f0d00f9f
ssdeep: 384:vnvuVajdTIQ3cAXfu2y/ey7FyDxtjYExTco907+nOZH1YhbFL81V:6aj3Xfu2y/H7S+E5c+A+nO/YrL
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1C7A21837676645AADC2021B037639757D43F57B71F2485DBD3B08C2C6E788F2AE6A00A
sha3_384: 8601f2b430fa64e7993f49dbf1df4ccb76184efbb565746d487c76c1e2af08ad314b92c2ef1838349129acd469a998ae
ep_bytes: e8b0050000e974feffff558bec6a00ff
timestamp: 2022-01-18 05:19:45

Version Info:

0: [No Data]

Win32/GameHack.CEF potentially unsafe also known as:

Bkav: W32.AIDetect.malware1
Lionic: Riskware.Win32.Generic.1!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.48006940
FireEye: Generic.mg.d520121a1140ce6d
CAT-QuickHeal: Trojan.GenericIH.S22364334
McAfee: GenericRXOX-XR!D520121A1140
Cylance: Unsafe
Sangfor: Riskware.Win32.Wacapew.C
K7GW: Unwanted-Program ( 0055a65e1 )
K7AntiVirus: Unwanted-Program ( 0055a65e1 )
Cyren: W32/Zusy.GT.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GameHack.CEF potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0PAJ22
ClamAV: Win.Dropper.GameHack-9923179-0
BitDefender: Trojan.GenericKD.48006940
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.48006940
Emsisoft: Trojan.GenericKD.48006940 (B)
Comodo: ApplicUnwnt@#vmapc064r7is
TrendMicro: TROJ_GEN.R002C0PAJ22
McAfee-GW-Edition: BehavesLike.Win32.Generic.mh
Sophos: Generic PUA HI (PUA)
GData: Trojan.GenericKD.48006940
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.3510CA8
Microsoft: Trojan:Win32/Casdet!rfn
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.R422636
ALYac: Trojan.GenericKD.48006940
Malwarebytes: RiskWare.GameHack
APEX: Malicious
Rising: HackTool.Gamehack!8.59E (RDMK:cmRtazp10DI4DltnsOxT3isR7I6g)
SentinelOne: Static AI – Suspicious PE
Fortinet: Riskware/GameHack
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Win32/GameHack.CEF potentially unsafe?

Win32/GameHack.CEF potentially unsafe removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.