About “Win32/Keygen.ABW potentially unsafe” infection

Win32/Keygen.ABW potentially unsafe is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Keygen.ABW potentially unsafe virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Win32/Keygen.ABW potentially unsafe?


File Info:

name: AE85D895B0CC0BCB03C8.mlw
path: /opt/CAPEv2/storage/binaries/48e481e70755761643bc3285e80c43b108ab54549e7d370d0970027c1ad96c7c
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-04-04 12:26:25

Version Info:

0: [No Data]

Win32/Keygen.ABW potentially unsafe is also known as:

Lionic: Riskware.Win32.Generic.1!c
Elastic: malicious (moderate confidence)
CAT-QuickHeal: Trojan.IGENERIC
McAfee: GenericRXAA-AA!AE85D895B0CC
Cylance: Unsafe
Sangfor: Hacktool.Win32.Keygen.Vpk9
K7AntiVirus: Unwanted-Program ( 0052f3c11 )
K7GW: Unwanted-Program ( 0052f3c11 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Keygen.ABW potentially unsafe
APEX: Malicious
ClamAV: Win.Trojan.Sality-128247
SUPERAntiSpyware: Hack.Tool/Gen-KeyGen
TrendMicro: HackTool.Win32.KEYGEN.AMG
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.ae85d895b0cc0bcb
Sophos: Keygen (PUA)
Ikarus: PUA.HackTool
GData: Win32.Trojan.Agent.8X3JI3
Jiangmin: Trojan.Generic.dkqto
Webroot: W32.Malware.Gen
Antiy-AVL: Trojan/Win32.SGeneric
Microsoft: HackTool:Win32/Keygen!MSR
Google: Detected
VBA32: Trojan.Dx
TrendMicro-HouseCall: HackTool.Win32.KEYGEN.AMG
Rising: Trojan.Wacatac!8.10C01 (CLOUD)
Yandex: Trojan.Agent!Jw8TIsgKKPE
Fortinet: W32/Dx.D2I!tr
Panda: PUP/Keygen

How to remove Win32/Keygen.ABW potentially unsafe?

Win32/Keygen.ABW potentially unsafe removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
