Seeing the Win32/Filecoder.NUQ detection name means that your system is in serious danger. This malware is ransomware: a type of malware that encrypts your files and demands payment for their decryption. Removing it requires specific steps that must be taken as soon as possible.
Win32/Filecoder.NUQ is a malware detection you may see on your system. It often shows up after certain actions on your computer: opening dubious e-mail messages, clicking a banner on the Web, or installing a program from suspicious sources. From the moment it appears, you have a short time to act before it starts its malicious activity. And be sure: it is better not to wait for these harmful things to happen.
What is Win32/Filecoder.NUQ virus?
Win32/Filecoder.NUQ Summary
In total, the actions of the Win32/Filecoder.NUQ malware on the infected computer are as follows:
- SetUnhandledExceptionFilter detected (possible anti-debug);
- Yara rule detections observed from a process memory dump/dropped files/CAPE;
- Dynamic (imported) function loading detected;
- The binary contains an unknown PE section name indicative of packing;
- The binary likely contains encrypted or compressed data;
- The executable is compressed using UPX;
- Authenticode signature is invalid;
- Encrypting the documents stored on the victim's disk drive, so the victim cannot access these documents;
- Blocking the launch of .exe files of anti-malware programs;
- Blocking the launch of installation files of anti-malware apps.
Ransomware has been a horror story for the last 4 years. It is hard to imagine a more hazardous type of malware for both individual users and organizations. The algorithms used in Win32/Filecoder.NUQ (generally, RHA-1028 or AES-256) cannot be broken, with minor exceptions. Breaking them by brute force would take more time than our galaxy has already existed, and possibly will exist. But the virus does not do all of this instantly: it may take up to a few hours to encrypt all of your documents. Thus, seeing the Win32/Filecoder.NUQ detection is a clear signal that you have to start the removal procedure.
Where did I get the Win32/Filecoder.NUQ?
The ways Win32/Filecoder.NUQ is distributed are the same as for other ransomware. Those are one-day landing websites where users are offered a free program to download, so-called bait emails, and hacktools. Bait emails are a quite modern tactic in malware spreading: you get an email that imitates routine notifications about shipments or changes in bank service conditions. Within the email, there is a corrupted MS Office file, or a link which leads to the exploit landing page.

Malicious email message. This one tricks you into opening the phishing website.
Avoiding it looks fairly simple, but still requires a lot of attention. Malware can hide in different places, and it is better to prevent it before it gets into your system than to rely on an anti-malware program. General cybersecurity awareness is an important skill in the modern world, even if your interaction with a PC is limited to YouTube videos. It can save you a great deal of money and time that you would otherwise spend searching for a fix guide.
Win32/Filecoder.NUQ malware technical details
File Info:
name: A4C2609B33CA913A24CB.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2017-09-12 22:07:42
Version Info:
0: [No Data]
Win32/Filecoder.NUQ also known as:
| Engine | Detection name |
| --- | --- |
| Lionic | Trojan.Win32.Generic.4!c |
| McAfee | GenericRXAA-FA!A4C2609B33CA |
| K7AntiVirus | Trojan ( 005497211 ) |
| Alibaba | Trojan:Win32/Filecoder.febe223c |
| K7GW | Trojan ( 005497211 ) |
| Cybereason | malicious.b33ca9 |
| Elastic | malicious (moderate confidence) |
| ESET-NOD32 | Win32/Filecoder.NUQ |
| APEX | Malicious |
| Cynet | Malicious (score: 100) |
| BitDefender | Gen:Variant.Jaik.45800 |
| MicroWorld-eScan | Gen:Variant.Jaik.45800 |
| Avast | Win32:Malware-gen |
| Tencent | Win32.Trojan.Filecoder.Lnnu |
| Ad-Aware | Gen:Variant.Jaik.45800 |
| Sophos | Mal/Generic-S |
| Zillya | Trojan.Filecoder.Win32.9237 |
| McAfee-GW-Edition | BehavesLike.Win32.Dropper.pc |
| Trapmine | malicious.high.ml.score |
| FireEye | Gen:Variant.Jaik.45800 |
| Emsisoft | Gen:Variant.Jaik.45800 (B) |
| SentinelOne | Static AI – Malicious PE |
| GData | Gen:Variant.Jaik.45800 |
| Jiangmin | Trojan.Agent.dien |
| Webroot | W32.Malware.Gen |
| Arcabit | Trojan.Jaik.DB2E8 |
| Microsoft | Ransom:Win32/Filecoder!MSR |
| AhnLab-V3 | Malware/Win32.Generic.C2591717 |
| ALYac | Gen:Variant.Jaik.45800 |
| MAX | malware (ai score=99) |
| Malwarebytes | Malware.Heuristic.1003 |
| Rising | Backdoor.Fynloski!8.1FD (CLOUD) |
| Ikarus | Trojan-Ransom.FileCrypter |
| MaxSecure | Trojan.Malware.300983.susgen |
| Fortinet | W32/Filecoder.FC0B!tr.ransom |
| BitDefenderTheta | Gen:NN.ZexaF.34712.cmGfaWHCuTii |
| AVG | Win32:Malware-gen |
| Panda | Trj/RnkBend.A |
| CrowdStrike | win/malicious_confidence_100% (W) |