Adware.Midie.66109 (file analysis)

Adware.Midie.66109 is flagged as malicious or unwanted by a large number of antivirus engines (see the detection list below). While the infection is active you may notice unfamiliar processes in the Task Manager process list. If so, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can Adware.Midie.66109 do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Checks adapter addresses which can be used to detect virtual network interfaces
  • Guard pages use detected – possible anti-debugging.
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Attempts to modify browser security settings
  • Attempts to disable browser security warnings
  • Harvests cookies for information gathering
  • The sample wrote data to the system hosts file.
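The last three behaviours in that list (proxy settings, browser security warnings, the hosts file) leave persistent traces that can be checked on a host without the sandbox. The script below is an added example, not the page's or GridinSoft's code: it parses a hosts file for entries other than the stock localhost lines, inspects the WinINet proxy values and the Internet Explorer warning switches, and reads the live registry only when run on Windows. The registry paths are the standard WinINet/IE locations; the three warning value names are assumed for illustration, and the sample state it runs on offline is constructed.

```python
import sys

# Hosts-file entries a clean Windows install carries; anything else deserves a look.
BENIGN_HOSTS = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Values under HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
# that WinINet (and so legacy IE and many other apps) use for the system proxy.
PROXY_KEY = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings"
# Values under HKCU\Software\Microsoft\Internet Explorer\Main that gate IE's security
# warnings; "no" disables the warning. The value names are assumed for illustration.
IE_MAIN_KEY = r"Software\Microsoft\Internet Explorer\Main"
WARNING_VALUES = ("WarnOnBadCertRecving", "WarnOnPostRedirect", "WarnonZoneCrossing")


def suspicious_hosts_entries(hosts_text: str) -> list:
    """Return (ip, hostname) pairs that are not the stock localhost lines."""
    hits = []
    for raw in hosts_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        ip, *names = line.split()
        hits.extend((ip, n) for n in names if (ip, n.lower()) not in BENIGN_HOSTS)
    return hits


def proxy_findings(inet: dict, expected_proxy: str = "") -> list:
    """Flag an enabled proxy that differs from the expected one, or any PAC script URL."""
    findings = []
    if inet.get("ProxyEnable") == 1 and inet.get("ProxyServer", "") != expected_proxy:
        findings.append(f"proxy enabled and pointed at {inet.get('ProxyServer', '')!r}")
    if inet.get("AutoConfigURL"):
        findings.append(f"PAC script configured: {inet['AutoConfigURL']!r}")
    return findings


def disabled_warnings(ie_main: dict) -> list:
    """Names of IE security warnings that have been switched off."""
    return [v for v in WARNING_VALUES if str(ie_main.get(v, "yes")).lower() == "no"]


def read_live_state():
    """Read the real hosts file and registry values on Windows; None elsewhere."""
    if sys.platform != "win32":
        return None
    import winreg

    def dump_key(path):
        values = {}
        try:
            with winreg.OpenKey(winreg.HKEY_CURRENT_USER, path) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, value, _ = winreg.EnumValue(key, i)
                    values[name] = value
        except OSError:
            pass
        return values

    with open(r"C:\Windows\System32\drivers\etc\hosts", encoding="utf-8", errors="replace") as fh:
        hosts = fh.read()
    return hosts, dump_key(PROXY_KEY), dump_key(IE_MAIN_KEY)


# Constructed sample state showing what the three behaviours look like on disk and in the
# registry; not captured from the real sample.
SAMPLE_HOSTS = """# constructed hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.av-vendor.test    # update server pinned to loopback
"""
SAMPLE_INET = {"ProxyEnable": 1, "ProxyServer": "127.0.0.1:8118", "AutoConfigURL": ""}
SAMPLE_IE_MAIN = {"WarnOnBadCertRecving": "no", "WarnOnPostRedirect": "yes"}


if __name__ == "__main__":
    hosts, inet, ie_main = read_live_state() or (SAMPLE_HOSTS, SAMPLE_INET, SAMPLE_IE_MAIN)
    for ip, name in suspicious_hosts_entries(hosts):
        print(f"hosts: {name} -> {ip}")
    for finding in proxy_findings(inet):
        print("proxy:", finding)
    for value in disabled_warnings(ie_main):
        print("browser warning disabled:", value)
```

On a Windows host the script reads the real values; anywhere else it runs against the constructed sample, which is enough to see the shape of each finding. A pinned hosts entry for an update or security domain is the classic sign of the hosts-file behaviour, and a loopback proxy with no PAC file usually means a local interception component.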

How to identify Adware.Midie.66109?

File Info:

name: B50C51FC07145D27057A.mlw
path: /opt/CAPEv2/storage/binaries/57f6e09b4157b8a7d90b9f896678069b6be7f4d085f6ccd2f405bc750b33b230
crc32: 8BCFE204
md5: b50c51fc07145d27057af569d14f05eb
sha1: 0857cef4a41922b018e386abe954019ae4302dac
sha256: 57f6e09b4157b8a7d90b9f896678069b6be7f4d085f6ccd2f405bc750b33b230
sha512: a0868e81bc078e9b81fbed5f367527b95565cd4af76ceb4de4c08f1e8ec015601d00f54e41de0842bf577dca4d13869190ea885f372519eca5ebba17a4c3b45c
ssdeep: 24576:JlMASNCyT6SqARSNb0/IyuogBR60rzrFv3K:LMAmCyT3RSNo/rgB/PBK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T185458C067660C0B2C2E86D305DA2FB746EBE6C705D395A9732C83B6E3E710C15A29D5F
sha3_384: c99553d76e876c9f225d698b0e7db4635ee50ee4a62ebf6b43024f481d59d3a9523e3bfc1e4604984939973af0bf9ec6
ep_bytes: e83db30000e978feffffcccccccccccc
timestamp: 1970-01-01 04:13:18 (a few seconds after the Unix epoch, so the PE link timestamp was zeroed or forged)
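A static triage script for the File Info above, added here as an example and not taken from the page or from GridinSoft: it hashes a file, compares the SHA-256 against the one listed, and parses the PE header for two of the red flags in the behaviour list, an implausible link timestamp and section names outside the usual set. The PE bytes it runs on offline are constructed inline (a header-only blob that is not the sample and cannot execute), and the section name "pack0" in that blob is made up.

```python
import hashlib
import struct
from datetime import datetime, timezone

# Hashes listed on this page for the analysed sample (File Info section).
KNOWN_HASHES = {
    "md5": "b50c51fc07145d27057af569d14f05eb",
    "sha1": "0857cef4a41922b018e386abe954019ae4302dac",
    "sha256": "57f6e09b4157b8a7d90b9f896678069b6be7f4d085f6ccd2f405bc750b33b230",
}

# Section names a stock MSVC/MinGW link produces; anything else hints at a packer.
COMMON_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                   ".reloc", ".bss", ".tls", ".pdata", ".CRT", ".textbss"}


def file_hashes(data: bytes) -> dict:
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def matches_known_sample(data: bytes) -> bool:
    return file_hashes(data)["sha256"] == KNOWN_HASHES["sha256"]


def pe_summary(data: bytes) -> dict:
    """Parse just enough of the PE header for the COFF TimeDateStamp and section names."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    machine, nsect, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size          # section table follows the optional header
    names = [struct.unpack_from("8s", data, table + i * 40)[0].rstrip(b"\0").decode("latin-1")
             for i in range(nsect)]
    return {"machine": machine, "timestamp": timestamp, "sections": names}


def triage(data: bytes) -> list:
    """Return human-readable findings; an empty list means nothing stood out."""
    findings = []
    if matches_known_sample(data):
        findings.append("sha256 matches the Adware.Midie.66109 sample on this page")
    info = pe_summary(data)
    linked = datetime.fromtimestamp(info["timestamp"], tz=timezone.utc)
    if linked.year < 1990:                 # a 1970 stamp means it was zeroed or forged
        findings.append(f"implausible link timestamp {linked:%Y-%m-%d %H:%M:%S}")
    odd = [s for s in info["sections"] if s not in COMMON_SECTIONS]
    if odd:
        findings.append("non-standard section names (possible packer): " + ", ".join(odd))
    return findings


def build_demo_pe(timestamp: int, sections: list) -> bytes:
    """Constructed, non-executable PE-shaped blob for the demo; not the real sample."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), timestamp, 0, 0, 0, 0x0102)
    table = b"".join(struct.pack("8s", s.encode()) + b"\0" * 32 for s in sections)
    return dos + b"PE\0\0" + coff + table


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                  # real use: python triage.py suspect.exe
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:                                  # offline demo using the page's 1970 timestamp
        blob = build_demo_pe(15198, [".text", ".rdata", "pack0"])
    for finding in triage(blob):
        print(finding)
```

The timestamp 15198 used in the demo is the page's 1970-01-01 04:13:18 expressed in seconds since the epoch. A hash match is definitive for this exact file, while the timestamp and section checks are only hints: legitimate reproducible builds also zero the timestamp, and some protectors keep standard section names.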

Version Info:

Comments: IE_FREAME
FileDescription: pulic
FileVersion: 1, 5, 11, 315
ProductName: IE_FREAME
ProductVersion: 0, 0, 0, 1
Translation: 0x0804 0x03a8 (language ID 0x0804 is Chinese (Simplified, PRC); code page 0x03a8 is 936, GBK)

Adware.Midie.66109 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader17.52464
MicroWorld-eScan: Gen:Variant.Adware.Midie.66109
FireEye: Generic.mg.b50c51fc07145d27
CAT-QuickHeal: Trojan.Skeeyah.S18729
ALYac: Gen:Variant.Adware.Midie.66109
Cylance: Unsafe
VIPRE: Gen:Variant.Adware.Midie.66109
K7AntiVirus: Adware ( 004b8f741 )
K7GW: Adware ( 004b8f741 )
CrowdStrike: win/malicious_confidence_90% (W)
Arcabit: Trojan.Adware.Midie.D1023D
VirIT: Trojan.Win32.DownLoader17.CZPW
Cyren: W32/Mikey.P.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Adware.Zzinfor.A
ClamAV: Win.Malware.Zzinfor-9753457-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Adware.Midie.66109
NANO-Antivirus: Trojan.Win32.Dwn.dyvjjo
Avast: Win32:TrojanX-gen [Trj]
Rising: Trojan.Clicker!1.ADC5 (CLASSIC)
Ad-Aware: Gen:Variant.Adware.Midie.66109
Emsisoft: Gen:Variant.Adware.Midie.66109 (B)
Comodo: TrojWare.Win32.Zzinfor.B@7x6n2g
Baidu: Win32.Trojan-Clicker.Agent.b
Zillya: Trojan.ZzinforGen.Win32.3
McAfee-GW-Edition: GenericR-FIJ!B50C51FC0714
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Generic.bgssc
Avira: TR/Downloader.Gen7
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Kingsoft: Win32.Heur.KVM007.a.(kcloud)
Microsoft: PUA:Win32/Bitrepeyp.B
GData: Gen:Variant.Adware.Midie.66109
Cynet: Malicious (score: 100)
AhnLab-V3: Dropper/Win.Injector.R420392
McAfee: GenericR-FIJ!B50C51FC0714
MAX: malware (ai score=68)
VBA32: BScope.Malware-Cryptor.NSAnti.Gen.1
Malwarebytes: Adware.Zzinfor
APEX: Malicious
Tencent: Malware.Win32.Gencirc.10b08650
Yandex: Trojan.GenAsa!+2fev3cfj3U
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: Riskware/Zzinfor
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.c07145
Panda: Trj/Genetic.gen

How to remove Adware.Midie.66109?

Adware.Midie.66109 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the options you want reverted, then click “Reset”.
  • Restart your computer.

After the reboot, confirm that the system proxy and browser security settings listed above are back to what you expect, and check C:\Windows\System32\drivers\etc\hosts for entries other than the stock localhost lines, since the sample writes to that file.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
