Should I remove “Worm:Win32/Chupik.B”?

Worm:Win32/Chupik.B is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Chupik.B virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Installs a browser addon or extension
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify Worm:Win32/Chupik.B?


File Info:

crc32: D6258ECF
md5: b8379239d13c5564be4791aac4406858
name: B8379239D13C5564BE4791AAC4406858.mlw
sha1: 75ef896bea7e40fa797ef479ad7d3ebe876c3b67
sha256: 3dada0132730b355eff0c6f4c0542ac0ae0915a0be9bddbc13d0a7859aca03f3
sha512: 2ac70cac21847098614b1cb0d34fc437edab77b7de305bdd197afa88b3835644737353d7f332c0ffc18cec3e9dfa29fe9803eec4a1d12620201607c5756b01e1
ssdeep: 12288:LLy3rOqVOZLyKT0qVOzS0qVO6LyKT0qVOEE0qVO6LyKT0qVOzdOO0qVO6L4:LUjY1rnz1rDGz1rcz0
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

Translation: 0x0409 0x04b0
ProductVersion: 1.00
InternalName: pikachu
FileVersion: 1.00
OriginalFilename: pikachu.exe
ProductName: Project1

Worm:Win32/Chupik.B also known as:

Bkav: W32.FakeUserinitAC.Worm
K7AntiVirus: Trojan ( 00013e901 )
Lionic: Trojan.Win32.Cosmu.4!c
TotalDefense: Win32/Tnega.FLDFYOB
MicroWorld-eScan: Worm.Generic.392214
CMC: Trojan.Win32.Cosmu!O
ALYac: Worm.Generic.392214
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.284877
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 00013e901 )
Cybereason: malicious.9d13c5
Baidu: Win32.Worm.VB.rw
Cyren: W32/Risk.PSBU-0914
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/VB.NSP
APEX: Malicious
Avast: Win32:Evo-gen [Susp]
ClamAV: Legacy.Trojan.Agent-1388589
GData: Worm.Generic.392214
Kaspersky: Trojan.Win32.Cosmu.y
BitDefender: Worm.Generic.392214
NANO-Antivirus: Trojan.Win32.VB.dfolbd
ViRobot: Trojan.Win32.Cosmu.127488
Tencent: Worm.Win32.Autorun.d
Ad-Aware: Worm.Generic.392214
Sophos: Mal/Cosmu-A
Comodo: Malware@#129w8boczxnwg
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.Siggen2.20784
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Ramnit.fc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.b8379239d13c5564
Emsisoft: Worm.Generic.392214 (B)
SentinelOne: DFI – Malicious PE
F-Prot: W32/MalwareS.EUJ
Endgame: malicious (moderate confidence)
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Win32.Cosmu.y
Microsoft: Worm:Win32/Chupik.B
Jiangmin: Trojan/Cosmu.luq
Arcabit: Worm.Generic.D5FC16
SUPERAntiSpyware: Trojan.Agent/Gen-Pikachu
ZoneAlarm: Trojan.Win32.Cosmu.y
AhnLab-V3: HEUR/Fakon.mwf
Acronis: suspicious
McAfee: W32/Worm-FEL!B8379239D13C
MAX: malware (ai score=81)
VBA32: SIM.Trojan.VBO.01822
Malwarebytes: Trojan.Agent
Panda: Trj/CI.A
Rising: Worm.VobfusEx!1.99E4 (CLASSIC)
Yandex: Win32.Sality.AQ.Gen
Ikarus: Worm.Win32.VB
MaxSecure: Trojan.Malware.11195990.susgen
Fortinet: W32/VB.NSP!worm
AVG: Win32:Evo-gen [Susp]
Paloalto: generic.ml
Qihoo-360: HEUR/QVM11.1.Malware.Gen

How to remove Worm:Win32/Chupik.B?

Worm:Win32/Chupik.B removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
