
Win32:Patched-AWW [Trj] malicious file


Many security experts consider Win32:Patched-AWW [Trj] dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32:Patched-AWW [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Win32:Patched-AWW [Trj]?


File Info:

name: C4A099CF8BA01FA185A3.mlw
path: /opt/CAPEv2/storage/binaries/617e7ed26bf979d5524deb8979b355dce3425f5be54ecf024ce1d425a7afe65e
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2006-10-04 00:48:13

Version Info:

0: [No Data]

Win32:Patched-AWW [Trj] also known as:

Bkav                  W32.AIDetectMalware
Lionic                Virus.Win32.Senoval.n!c
Elastic               malicious (high confidence)
MicroWorld-eScan      Gen:Variant.Lazy.389485
Skyhigh               BehavesLike.Win32.Dropper.dc
McAfee                GenericRXAA-AA!C4A099CF8BA0
Malwarebytes          Malware.AI.2765533313
Zillya                Dropper.Agent.Win32.560771
Sangfor               Trojan.Win32.Patched.Vdcm
K7AntiVirus           Trojan ( 005ab4bf1 )
BitDefender           Gen:Variant.Lazy.389485
K7GW                  Trojan ( 005ab4bf1 )
BitDefenderTheta      AI:Packer.53FF8E221F
Symantec              ML.Attribute.HighConfidence
ESET-NOD32            a variant of Win32/Patched.NKM
Cynet                 Malicious (score: 100)
APEX                  Malicious
Kaspersky             Virus.Win32.Senoval.a
Alibaba               Trojan:Win32/Senoval.a807e56d
NANO-Antivirus        Virus.Win32.Gen-Crypt.ccnc
Rising                Trojan.Generic@AI.100 (RDML:OolCOZ2sCkh1DOk1OP0dPg)
TACHYON               Trojan/W32.Agent.290816.BAQ
Sophos                W32/Patched-CE
F-Secure              Trojan.TR/Patched.Gen3
DrWeb                 Win32.Beetle.2
VIPRE                 Gen:Variant.Lazy.389485
TrendMicro            TROJ_GEN.R002C0DJP23
Trapmine              suspicious.low.ml.score
FireEye               Gen:Variant.Lazy.389485
Emsisoft              Gen:Variant.Lazy.389485 (B)
Ikarus                Trojan.Win32.Krypt
Varist                W32/Doina.AL.gen!Eldorado
Avira                 TR/Patched.Gen3
Microsoft             Trojan:Win32/Doina.RPX!MTB
Arcabit               Trojan.Lazy.D5F16D
ZoneAlarm             Virus.Win32.Senoval.a
GData                 Gen:Variant.Lazy.389485
Google                Detected
ALYac                 Gen:Variant.Lazy.389485
MAX                   malware (ai score=86)
DeepInstinct          MALICIOUS
VBA32                 BScope.TrojanDownloader.Emotet
Cylance               unsafe
Panda                 Trj/CI.A
TrendMicro-HouseCall  TROJ_GEN.R002C0DJP23
Tencent               Trojan.Win32.Pathced_ya.16001052
SentinelOne           Static AI – Suspicious PE
MaxSecure             Trojan.Malware.121218.susgen
Fortinet              W32/Patched.IP!tr
AVG                   Win32:Patched-AWW [Trj]
Avast                 Win32:Patched-AWW [Trj]
CrowdStrike           win/malicious_confidence_100% (W)

How to remove Win32:Patched-AWW [Trj]?

Win32:Patched-AWW [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
