Worm:Win32/Plurp.A removal guide

Worm:Win32/Plurp.A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Plurp.A virus do?

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Worm:Win32/Plurp.A?

File Info:

name: 155DB173EB69D24898E6.mlw
path: /opt/CAPEv2/storage/binaries/ee4fb9a2637b4bbd4e647a9c603c6573862c0af3239a23c368308ede205e94ca
crc32: 64ADE161
md5: 155db173eb69d24898e652bce4b21e44
sha1: 675232bd7490fc73070801545b07882c6fd0cc30
sha256: ee4fb9a2637b4bbd4e647a9c603c6573862c0af3239a23c368308ede205e94ca
sha512: f125696649c22518b4b65eb2812faee4b6a3577858fc1cbc36bbe4383e7fc3523d7ef077a888086be45693ba358fd0e93bb114b10a229c22c1422a2befa50564
ssdeep: 96:djN2tdaQIBy6IWmF0m+1coKdxF8eaaQiehPTBWBqt:didneAWmOj3KeoQiehPTBW0t
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13DF107025FA35C6BD0D90279D1EA5229DABFA4F14DF206026750D9DD38BA38E8C2DC37
sha3_384: 548b95783fa05c4f3ea1711d8748a07abd31aa5026279e1b8fe2dcb3fabe410a3500d5d2b5d85fb8429b06897a2fdb7f
ep_bytes: e8000000005b81eb05404000e8b00000
timestamp: 2002-04-18 05:42:26

Version Info:

0: [No Data]

Worm:Win32/Plurp.A also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Win32.Purple.6741
MicroWorld-eScan: Generic.Malware.SMe.AF51F212
CAT-QuickHeal: Worm.Plemood.20536
McAfee: W32/Pupil
Cylance: Unsafe
Zillya: Worm.Plemood.Win32.1
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005800471 )
K7GW: Trojan ( 005800471 )
Cybereason: malicious.3eb69d
BitDefenderTheta: AI:Packer.4BD939D31E
Cyren: W32/A-ef5ca5b5!Eldorado
Symantec: W95.Doggie.gen
ESET-NOD32: a variant of Win32/Purplemood.B
TrendMicro-HouseCall: Possible_Virus
ClamAV: Win.Worm.Pumoo-1
Kaspersky: Email-Worm.Win32.Plemood.b
BitDefender: Generic.Malware.SMe.AF51F212
NANO-Antivirus: Virus.Win32.Gen.ccmw
Avast: Win32:Plemood-B [Wrm]
Tencent: Worm.Win32.Plemood.wa
Ad-Aware: Generic.Malware.SMe.AF51F212
Emsisoft: Generic.Malware.SMe.AF51F212 (B)
Comodo: EmailWorm.Win32.Plemood.ai001@1o935k
VIPRE: RiskTool.Win32.ProcessPatcher.Sml!cobra (v) (not malicious)
TrendMicro: Possible_Virus
McAfee-GW-Edition: BehavesLike.Win32.Infected.zt
FireEye: Generic.mg.155db173eb69d248
Sophos: ML/PE-A + W32/Purple-A
SentinelOne: Static AI – Malicious PE
GData: Generic.Malware.SMe.AF51F212
Jiangmin: Worm/Plemood.b
MaxSecure: Trojan.Malware.300983.susgen
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Generic.ASBOL.118A
Arcabit: Generic.Malware.SMe.AF51F212
ViRobot: I-Worm.Win32.Plemood.7680
Microsoft: Worm:Win32/Plurp.A
Cynet: Malicious (score: 100)
AhnLab-V3: Worm/Win32.Plemood.R7921
VBA32: BScope.Worm.Plemood
ALYac: Generic.Malware.SMe.AF51F212
TACHYON: Worm/W32.Plemood.7680
Malwarebytes: Trojan.Purplemood
APEX: Malicious
Rising: Malware.Heuristic!ET#98% (RDMK:cmRtazqt4NkJmmg4JLtxoStOpeU0)
Yandex: Win32.Plemood.B
Ikarus: Email-Worm.Win32.Plemood
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Plemood.EMW!tr
AVG: Win32:Plemood-B [Wrm]
Panda: W32/Plemood.A.worm
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Worm:Win32/Plurp.A?

Worm:Win32/Plurp.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.