Categories: Adware

Win64/Adware.SecureDuck.A information

The Win64/Adware.SecureDuck.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win64/Adware.SecureDuck.A virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Presents an Authenticode digital signature
Possible date expiration check, exits too soon after checking local time
Repeatedly searches for a not-found browser, may want to run with startbrowser=1 option
Dynamic (imported) function loading detected
Enumerates running processes
Expresses interest in specific running processes
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Steals private information from local Internet browsers
Attempts to identify installed analysis tools by a known file location
Anomalous binary characteristics

How to determine Win64/Adware.SecureDuck.A?


File Info:
name: F6988EED5CC6392F99D3.mlwpath: /opt/CAPEv2/storage/binaries/a96bbb7a79487779c29f5d645d6d72604c115a4ce53f44dfd29e62220c118b14crc32: 5BF10978md5: f6988eed5cc6392f99d3dcc7535f3529sha1: 6919027b13c3793074e41ab7c67f27b79b746311sha256: a96bbb7a79487779c29f5d645d6d72604c115a4ce53f44dfd29e62220c118b14sha512: 2352a1d3de8efe4bcd6c5d0d506bd93dc42a99f9e0480d5cd99fd28eb6c6ea1046faa274cfca1e46160ec14a5e65951dd96ea44ef1745d4dc33bd9033b13fca4ssdeep: 24576:aKQxhdiAfVW78bJgm37mCvAzfdsQ/PBpynfoFgckEZ:nQtdC+QHyfckEZtype: PE32+ executable (GUI) x86-64, for MS Windowstlsh: T1F6061606769CE9A8D0769238A7735BC1E379B80503B0CADF0793076EDF5A2927E39750sha3_384: 4b0a9c92c24ac07faeb686d00b12bf966c9929be18a046dfb6e213167a178737ae679b6df05f173e6524240c846ee96aep_bytes: 4883ec28e81b0800004883c428e97afetimestamp: 2021-04-23 09:37:09
Version Info:
0: [No Data]

Win64/Adware.SecureDuck.A also known as:

Lionic	Trojan.Win32.Ulise.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.38246566
FireEye	Trojan.GenericKD.38246566
CAT-QuickHeal	Trojan.MikeyRI.S20994645
Cylance	Unsafe
Zillya	Adware.SecureDuck.Win64.1
Sangfor	Trojan.Win32.Wacatac.B
K7AntiVirus	Adware ( 0057f5391 )
K7GW	Adware ( 0057f5391 )
Cyren	W64/Johnnie.V.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win64/Adware.SecureDuck.A
BitDefender	Trojan.GenericKD.38246566
Avast	FileRepMalware
Ad-Aware	Trojan.GenericKD.38246566
Emsisoft	Trojan.GenericKD.38246566 (B)
F-Secure	Adware.ADWARE/Redcap.yxyfx
VIPRE	Win64.Adware.SecureDuck
McAfee-GW-Edition	Artemis!Trojan
Sophos	Generic PUA GJ (PUA)
GData	Trojan.GenericKD.38246566
Jiangmin	Trojan.Generic.gzwgn
Avira	ADWARE/Redcap.yxyfx
Arcabit	Trojan.Generic.D24798A6
ViRobot	Adware.Secureduck.3880328
Microsoft	Program:Win32/Wacapew.C!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win.Generic.R424710
McAfee	GenericRXAA-AA!F6988EED5CC6
MAX	malware (ai score=80)
Malwarebytes	Malware.AI.1557315157
TrendMicro-HouseCall	TROJ_GEN.R03BH09F321
eGambit	PE.Heur.InvalidSig
Fortinet	W64/Johnnie.88B6!tr
AVG	FileRepMalware
MaxSecure	Trojan.Malware.118250347.susgen