What is “XingWang Bundler (PUA)”?

The XingWang Bundler (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the XingWang Bundler (PUA) virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Crashed cuckoomon during analysis. Report this error to the GitHub repo.
  • Network activity detected but not expressed in API logs

How to identify XingWang Bundler (PUA)?


File Info:

crc32: 600DA1D7
md5: 7b91b52c0722f76e8c840078adc64664
name: bitcomet_setup1.58.exe
sha1: 7903cc53bdbd5c2ec061683835e6f7798333734d
sha256: d4ab9c9cfe45bce57263c73e028a51aa6250f3124cd4ab6d26378d1f6c04b6a2
sha512: 82d39cd63390ce15662051775bdafb50ed351bc133b91985aaf6e6437552fd765cb9dda8974774eb8516a1555b6c652f1f844058c399810197edf8320b256cd9
ssdeep: 49152:6KI35BmET6tB+Buxzj9Y/DSbQQjDYcuNhlqzN3el1RHhM/AW/:aT1uBUu9jcSf9gag114z/
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Pamegol
FileVersion:
CompanyName:
Comments: This installation was built with Inno Setup.
ProductName: Bad
ProductVersion: 5.1.8
FileDescription: Bad Setup
Translation: 0x0000 0x04b0

XingWang Bundler (PUA) also known as:

MicroWorld-eScan: Application.DealAlpha.2.Gen
McAfee: InstallCore
Cylance: Unsafe
BitDefender: Application.DealAlpha.2.Gen
TrendMicro: PUA.Win32.InstallCore.USMANHOBGK
Cyren: W32/Application.QUUR-3599
Symantec: PUA.InstallCore!g9
ESET-NOD32: Win32/InstallCore.Gen.B potentially unwanted
ViRobot: Adware.Installcore.2618936
Emsisoft: Application.DealAlpha.2.Gen (B)
Comodo: ApplicUnwnt@#rmmcm18k9nqs
F-Secure: PotentialRisk.PUA/InstallCore.deob
Invincea: heuristic
McAfee-GW-Edition: InstallCore
Fortinet: W32/XingWang_Bundler
FireEye: Application.DealAlpha.2.Gen
Sophos: XingWang Bundler (PUA)
MaxSecure: Trojan.Malware.11973.susgen
MAX: malware (ai score=100)
Endgame: malicious (moderate confidence)
Arcabit: Application.DealAlpha.2.Gen
Microsoft: PUA:Win32/InstallCore
TrendMicro-HouseCall: PUA.Win32.InstallCore.USMANHOBGK
Rising: Packer.Win32.Obfuscator.n (CLASSIC)
eGambit: Unsafe.AI_Score_96%
GData: Script.Application.InstallCore.MG
Webroot: W32.Adware.Gen

How to remove XingWang Bundler (PUA)?

XingWang Bundler (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
