Win64/Adware.OpenSUpdater.AC information

Many security experts consider Win64/Adware.OpenSUpdater.AC dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Win64/Adware.OpenSUpdater.AC virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net
repository.certum.pl

How to identify Win64/Adware.OpenSUpdater.AC?


File Info:

name: F1BE48C69E70C72129AE.mlw
path: /opt/CAPEv2/storage/binaries/6f3483d8ece164a7a5c2fae1247fa279bf73900f1c9a005ad3dc8da0b19f86ce
crc32: 4F403CE2
md5: f1be48c69e70c72129aed5771b9b124b
sha1: 9d8ac08b8f718feecedd2f916580bdeb686e1c4e
sha256: 6f3483d8ece164a7a5c2fae1247fa279bf73900f1c9a005ad3dc8da0b19f86ce
sha512: f022b05a8d5110a3e77443b9d8086f8f10f66b8578efa0a7679dd567ae90dc8d4e9fb638d95b938bfbdcc8056a41d901f138c32ba6199852f8cb71b53e249f03
ssdeep: 49152:jzDSXu5MigD9xdroT9sskeUM5K7OPIYEzsG:HD3gDztou7q5EzsG
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T17785BE0532A549F8D47A923CC586461BE3F1B4464730DBCF03994BAA1F23BE22B7E765
sha3_384: 8251ec9b158b7a7b4879ba28d2c87bed88bb2691b1455ce1c9eafc978989929d605b558400f3840459425c0b0cea116f
ep_bytes: 4883ec28e8935301004883c428e9f6fd
timestamp: 2020-08-05 09:36:36

Version Info:

CompanyName: BlackTools Inc
FileDescription: BlackTools
FileVersion: 2.0.7.8
InternalName: blacktools
LegalCopyright: BlackTools Inc 2020
OriginalFilename: blacktools.exe
ProductName: BlackTools
ProductVersion: 2.0.7.8
Translation: 0x0409 0x04b0

Win64/Adware.OpenSUpdater.AC also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.34881547
FireEye: Generic.mg.f1be48c69e70c721
McAfee: Artemis!F1BE48C69E70
Cylance: Unsafe
Sangfor: Trojan.Win32.Wacatac.A
ESET-NOD32: a variant of Win64/Adware.OpenSUpdater.AC
APEX: Malicious
Paloalto: generic.ml
BitDefender: Trojan.GenericKD.34881547
Ad-Aware: Trojan.GenericKD.34881547
Emsisoft: Application.Updater (A)
VIPRE: Win64.Adware.OpenSUpdater
McAfee-GW-Edition: Artemis!PUP
Sophos: Generic PUA JN (PUA)
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.34881547
Avira: HEUR/AGEN.1136406
Arcabit: Trojan.Generic.D214400B
Microsoft: PUA:Win32/Puasson.A!ac
Cynet: Malicious (score: 99)
ALYac: Trojan.GenericKD.34881547
MAX: malware (ai score=82)
Malwarebytes: Adware.SpecialSearchOffer
TrendMicro-HouseCall: TROJ_GEN.R002H09GR21
Yandex: PUA.OpenSUpdater!ZE72vo7uPqc
Ikarus: AdWare.Opensupdater
Fortinet: Riskware/Generic_PUA_JN
Cybereason: malicious.69e70c
MaxSecure: Trojan.Malware.109117095.susgen

How to remove Win64/Adware.OpenSUpdater.AC?

Win64/Adware.OpenSUpdater.AC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
