About “Win32:Downloader-SZW [PUP]” infection

Win32:Downloader-SZW [PUP] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Win32:Downloader-SZW [PUP] virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32:Downloader-SZW [PUP]?

File Info:

name: 15AA276EC9E9840D47F8.mlw
path: /opt/CAPEv2/storage/binaries/e0661c5d9122604162989fd3602a2ef57b9c0a14024b6bbb2fffb687ca0d8297
crc32: 8A5EF7D4
md5: 15aa276ec9e9840d47f8f183e29a4e59
sha1: 185038d95e68ad9f79a33a1751b8ffedc23b1d6d
sha256: e0661c5d9122604162989fd3602a2ef57b9c0a14024b6bbb2fffb687ca0d8297
sha512: a65703c71eeb812d865c685679146ad22268e2e5779bb5d533acefdc2c2eb91b2452ac9d01a0a7274c4a02335298da2ab728d99874c69ebd4db971eed3aac41f
ssdeep: 6144:gxBRXjIHDgw4O/p7jwLphWfAAbkcg/uE:IBRXjIjzwhWTzxE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18664AF127260C071F35A4B304D15D6911A6ABC7695F4D68FFBE83A7A1E722938A3730F
sha3_384: 58b9aef197d619022e2dca5cbefd4e4da123ffe96522d0a67c740520a2c69633f974cc40383f94e4a80d1d67adc6dc5d
ep_bytes: 60be00b046008dbe0060f9ff57eb0b90
timestamp: 2012-10-24 14:56:45

Version Info:

FileDescription: Setup
FileVersion: 3.0.110.0
ProductVersion: 3.0.110.0
Translation: 0x0409 0x04b0

Win32:Downloader-SZW [PUP] also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.GenericKDZ.89147
FireEye: Generic.mg.15aa276ec9e9840d
CAT-QuickHeal: Pua.Generic.22410
ALYac: Trojan.GenericKDZ.89147
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.95e68a
Baidu: Win32.Adware.Agent.b
Cyren: W32/HotBar.O.gen!Eldorado
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Adware.GOffer.A
APEX: Malicious
ClamAV: Win.Adware.Screensaver-9
Kaspersky: not-a-virus:UDS:AdWare.Win32.Generic
BitDefender: Trojan.GenericKDZ.89147
NANO-Antivirus: Trojan.Win32.Graftor.bbkjam
Avast: Win32:Downloader-SZW [PUP]
Tencent: Malware.Win32.Gencirc.10c8c64e
Ad-Aware: Trojan.GenericKDZ.89147
Sophos: Generic ML PUA (PUA)
DrWeb: Trojan.Click2.45234
McAfee-GW-Edition: PUP-XAB-KJ
Emsisoft: Trojan.GenericKDZ.89147 (B)
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKDZ.89147
Avira: ADWARE/Adware.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Adware/Win32.ScreenSaver.R56892
McAfee: Artemis!15AA276EC9E9
MAX: malware (ai score=86)
VBA32: AdWare.ScreenSaver
Malwarebytes: Generic.Trojan.Malicious.DDS
Rising: Trojan.Generic@AI.94 (RDMK:8IptM2BvK8TlOrC7BhWqMg)
Ikarus: Trojan.SuspectCRC
Fortinet: W32/ULPM.16C0!tr
AVG: Win32:Downloader-SZW [PUP]
CrowdStrike: win/grayware_confidence_90% (W)

How to remove Win32:Downloader-SZW [PUP]?

Win32:Downloader-SZW [PUP] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.