Win32/GameHack.I potentially unsafe information

Win32/GameHack.I potentially unsafe is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Win32/GameHack.I potentially unsafe virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Guard pages use detected – possible anti-debugging
  • A process attempted to delay the analysis task
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP
  • Authenticode signature is invalid
  • Sniffs keystrokes
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering

How to identify Win32/GameHack.I potentially unsafe?

File Info:

name: D0FFED681FD5314D012C.mlw
path: /opt/CAPEv2/storage/binaries/d3006c7625d670db83eb94db33415a7e06792be002d53390c95c29bfe6d5f4e8
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-12-31 09:03:59

Version Info:

Translation: 0x0409 0x04b0
CompanyName: Copyright ByNF
ProductName: NF
FileVersion: 1.00
ProductVersion: 1.00
InternalName: NF v1859.1
OriginalFilename: NF v1859.1.exe

Win32/GameHack.I potentially unsafe is also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Vilsel.lqF6
FireEye: Generic.mg.d0ffed681fd5314d
CAT-QuickHeal: Trojan.VBCryptMF.S23925445
Cylance: Unsafe
VIPRE: Trojan.Win32.OnlineGames
Sangfor: Adware.Win32.Perion.mii
BitDefenderTheta: Gen:NN.ZevbaF.34294.Em0@aK6UiEli
Cyren: W32/OnlineGames.GK.gen!Eldorado
ESET-NOD32: a variant of Win32/GameHack.I potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CIG21
Paloalto: generic.ml
ClamAV: Win.Trojan.8497821-1
Kaspersky: not-a-virus:WebToolbar.Win32.Perion.mii
Zillya: Adware.Perion.Win32.2395
Ikarus: Trojan-Dropper
Avira: TR/VB.Downloader.Gen9
Antiy-AVL: Trojan/Generic.ASMalwS.261F4D3
Microsoft: Trojan:Win32/Wacatac.A!ml
Cynet: Malicious (score: 99)
McAfee: Artemis!D0FFED681FD5
APEX: Malicious
Yandex: Trojan.GenAsa!LlyvMp3YMYY

How to remove Win32/GameHack.I potentially unsafe?

Win32/GameHack.I potentially unsafe removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
