Should I remove “Worm.Win32.Socks.hs”?

Worm.Win32.Socks.hs is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Worm.Win32.Socks.hs virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • HTTPS URLs from behavior
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Worm.Win32.Socks.hs?


File Info:

name: 685BDBB046A0F5591F70.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2008-02-13 20:22:12

Version Info:

0: [No Data]

Worm.Win32.Socks.hs is also known as:

Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.Downloader.Small.AAKR
ClamAV: Win.Worm.Socks-7102088-0
FireEye: Generic.mg.685bdbb046a0f559
CAT-QuickHeal: Backdoor.Agent.8448
McAfee: Artemis!685BDBB046A0
Cylance: Unsafe
Zillya: Worm.Socks.Win32.146
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 000280701 )
K7GW: Trojan-Downloader ( 000280701 )
Cybereason: malicious.046a0f
Baidu: Win32.Trojan-PSW.Agent.e
Cyren: W32/Socks.A.gen!Eldorado
tehtris: Generic.Malware
ESET-NOD32: Win32/TrojanDownloader.Agent.NVF
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.Socks.hs
BitDefender: Trojan.Downloader.Small.AAKR
NANO-Antivirus: Trojan.Win32.Socks.dpycam
Avast: Win32:Injecter-AT [Trj]
Ad-Aware: Trojan.Downloader.Small.AAKR
Emsisoft: Trojan.Downloader.Small.AAKR (B)
Comodo: TrojWare.Win32.TrojanDownloader.Agent.NVF@2e6d
DrWeb: BackDoor.FireOn
VIPRE: Trojan.Downloader.Small.AAKR
TrendMicro: BKDR_SMALL.JAN
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.fc
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A + Mal/Koceg-A
SentinelOne: Static AI – Malicious PE
GData: Win32.Trojan.PSE.14NSD2Z
Jiangmin: Backdoor/Agent.armp
Avira: TR/Crypt.XDR.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.1EB
Arcabit: Trojan.Downloader.Small.AAKR
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Downloader/Win32.RL_Agent.R289607
BitDefenderTheta: AI:Packer.BB630CB21B
ALYac: Trojan.Downloader.Small.AAKR
MAX: malware (ai score=89)
VBA32: Worm.Socks
Malwarebytes: Generic.Worm.Autorun.DDS
TrendMicro-HouseCall: BKDR_SMALL.JAN
Rising: Backdoor.Koceg!8.877 (TFE:5:S1De1a3vhHO)
Yandex: Trojan.GenAsa!W3WDE33Y72Y
Ikarus: Virus.Win32.Agent.OLI
Fortinet: W32/Socks.NAL!tr
AVG: Win32:Injecter-AT [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Worm.Win32.Socks.hs?

Worm.Win32.Socks.hs removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
