Categories: Worm

Should I remove “Worm:Win32/Chupik.B”?

Worm:Win32/Chupik.B is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Chupik.B virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Installs a browser addon or extension
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify Worm:Win32/Chupik.B?


File Info:

crc32: D6258ECF
md5: b8379239d13c5564be4791aac4406858
name: B8379239D13C5564BE4791AAC4406858.mlw
sha1: 75ef896bea7e40fa797ef479ad7d3ebe876c3b67
sha256: 3dada0132730b355eff0c6f4c0542ac0ae0915a0be9bddbc13d0a7859aca03f3
sha512: 2ac70cac21847098614b1cb0d34fc437edab77b7de305bdd197afa88b3835644737353d7f332c0ffc18cec3e9dfa29fe9803eec4a1d12620201607c5756b01e1
ssdeep: 12288:LLy3rOqVOZLyKT0qVOzS0qVO6LyKT0qVOEE0qVO6LyKT0qVOzdOO0qVO6L4:LUjY1rnz1rDGz1rcz0
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

Translation: 0x0409 0x04b0
ProductVersion: 1.00
InternalName: pikachu
FileVersion: 1.00
OriginalFilename: pikachu.exe
ProductName: Project1

Worm:Win32/Chupik.B also known as:

Bkav W32.FakeUserinitAC.Worm
K7AntiVirus Trojan ( 00013e901 )
Lionic Trojan.Win32.Cosmu.4!c
TotalDefense Win32/Tnega.FLDFYOB
MicroWorld-eScan Worm.Generic.392214
CMC Trojan.Win32.Cosmu!O
ALYac Worm.Generic.392214
Cylance Unsafe
Zillya Trojan.Agent.Win32.284877
CrowdStrike win/malicious_confidence_100% (D)
K7GW Trojan ( 00013e901 )
Cybereason malicious.9d13c5
Baidu Win32.Worm.VB.rw
Cyren W32/Risk.PSBU-0914
Symantec Trojan.Gen.2
ESET-NOD32 a variant of Win32/VB.NSP
APEX Malicious
Avast Win32:Evo-gen [Susp]
ClamAV Legacy.Trojan.Agent-1388589
GData Worm.Generic.392214
Kaspersky Trojan.Win32.Cosmu.y
BitDefender Worm.Generic.392214
NANO-Antivirus Trojan.Win32.VB.dfolbd
ViRobot Trojan.Win32.Cosmu.127488
Tencent Worm.Win32.Autorun.d
Ad-Aware Worm.Generic.392214
Sophos Mal/Cosmu-A
Comodo Malware@#129w8boczxnwg
F-Secure Trojan.TR/Dropper.Gen
DrWeb Trojan.Siggen2.20784
Invincea heuristic
McAfee-GW-Edition BehavesLike.Win32.Ramnit.fc
Trapmine malicious.high.ml.score
FireEye Generic.mg.b8379239d13c5564
Emsisoft Worm.Generic.392214 (B)
SentinelOne DFI – Malicious PE
F-Prot W32/MalwareS.EUJ
Endgame malicious (moderate confidence)
Avira TR/Dropper.Gen
Antiy-AVL Trojan/Win32.Cosmu.y
Microsoft Worm:Win32/Chupik.B
Jiangmin Trojan/Cosmu.luq
Arcabit Worm.Generic.D5FC16
SUPERAntiSpyware Trojan.Agent/Gen-Pikachu
ZoneAlarm Trojan.Win32.Cosmu.y
AhnLab-V3 HEUR/Fakon.mwf
Acronis suspicious
McAfee W32/Worm-FEL!B8379239D13C
MAX malware (ai score=81)
VBA32 SIM.Trojan.VBO.01822
Malwarebytes Trojan.Agent
Panda Trj/CI.A
Rising Worm.VobfusEx!1.99E4 (CLASSIC)
Yandex Win32.Sality.AQ.Gen
Ikarus Worm.Win32.VB
MaxSecure Trojan.Malware.11195990.susgen
Fortinet W32/VB.NSP!worm
AVG Win32:Evo-gen [Susp]
Paloalto generic.ml
Qihoo-360 HEUR/QVM11.1.Malware.Gen

How to remove Worm:Win32/Chupik.B?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
