
About “Win32:Patched-AWW [Trj]” infection


Win32:Patched-AWW [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:Patched-AWW [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Win32:Patched-AWW [Trj]?


File Info:

name: E0B4158041C980B3C035.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-11-15 01:28:21

Version Info:

CompanyName: Adobe Systems Incorporated
EnglishName: English
FileDescription: Adobe Collaboration Synchronizer 22.3
FileVersion: 22.3.20282.0
LanguageId: 0409
LegalCopyright: Copyright 1984-2022 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename: AdobeCollabSync.exe
ProductVersion: 22.3.20282.0
Signature: Read
ProductName: Adobe Collaboration Synchronizer
Translation: 0x0409 0x04e4

Win32:Patched-AWW [Trj] also known as:

Bkav: W32.AIDetectMalware
Lionic: Virus.Win32.Senoval.n!c
MicroWorld-eScan: Gen:Variant.Lazy.388432
FireEye: Generic.mg.e0b4158041c980b3
Skyhigh: BehavesLike.Win32.Backdoor.vc
McAfee: GenericRXAA-AA!E0B4158041C9
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Trojan.Win32.Patched.V3f6
K7AntiVirus: Trojan ( 005ab4bf1 )
Alibaba: Trojan:Win32/Senoval.c658c814
K7GW: Trojan ( 005ab4bf1 )
Arcabit: Trojan.Lazy.D5ED50
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Patched.NKM
Cynet: Malicious (score: 100)
Kaspersky: Virus.Win32.Senoval.a
BitDefender: Gen:Variant.Lazy.388432
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Patched-AWW [Trj]
Tencent: Trojan.Win32.Pathced_ya.16001052
Sophos: W32/Patched-CE
DrWeb: Win32.Beetle.2
VIPRE: Gen:Variant.Lazy.388432
TrendMicro: TROJ_GEN.R002C0DJA23
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Variant.Lazy.388432 (B)
SentinelOne: Static AI – Suspicious PE
Google: Detected
MAX: malware (ai score=87)
Antiy-AVL: Trojan/Win32.Wacatac
Microsoft: Trojan:Win32/Doina.RPX!MTB
ZoneAlarm: Virus.Win32.Senoval.a
GData: Win32.Trojan.PSE.104T8GB
Varist: W32/Patched.GQ1.gen!Eldorado
AhnLab-V3: Malware/Win.Generic.R606981
ALYac: Gen:Variant.Lazy.388432
VBA32: BScope.TrojanDownloader.Emotet
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0DJA23
Rising: Trojan.Generic@AI.100 (RDML:EYC5vNbowcv0HhiweRQ4eA)
Ikarus: Trojan.Win32.Doina
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Patched.IP!tr
AVG: Win32:Patched-AWW [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32:Patched-AWW [Trj]?

Win32:Patched-AWW [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
