
AIT:Trojan.Nymeria.1733 malicious file


AIT:Trojan.Nymeria.1733 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the AIT:Trojan.Nymeria.1733 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • CAPE detected the HawkEyev9 malware family
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Anomalous binary characteristics

How to identify AIT:Trojan.Nymeria.1733?


File Info:

name: 7E87E338517A0DBC4C30.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-03-21 00:07:15

Version Info:

0: [No Data]

AIT:Trojan.Nymeria.1733 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Heuristic.File.Generic.00x1!p
MicroWorld-eScan: AIT:Trojan.Nymeria.1733
FireEye: Generic.mg.7e87e338517a0dbc
McAfee: Artemis!7E87E338517A
Cylance: Unsafe
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 005499561 )
Alibaba: Trojan:Win32/AutInject.6125fb7b
K7GW: Trojan ( 005499561 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/AutoIt.VI.gen!Eldorado
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.Autoit.DUB
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Autoit-6913218-0
Kaspersky: Trojan.Win32.Autoit.aburs
BitDefender: AIT:Trojan.Nymeria.1733
NANO-Antivirus: Trojan.Win32.Autoit.fohdzb
Avast: AutoIt:Injector-JM [Trj]
Tencent: Win32.Trojan.Autoit.Ltgl
Ad-Aware: AIT:Trojan.Nymeria.1733
Emsisoft: AIT:Trojan.Nymeria.1733 (B)
Comodo: Malware@#14u8nvkqbgfaj
DrWeb: Trojan.AutoIt.349
VIPRE: AIT:Trojan.Nymeria.1733
TrendMicro: Trojan.AutoIt.CRYPTINJECT.SMA
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.vh
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S + Mal/AuItInj-A
GData: AIT:Trojan.Nymeria.1733 (2x)
Google: Detected
Avira: HEUR/AGEN.1245449
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASCommon.151
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Skeeyah.A!rfn
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/AutoInj.Exp
BitDefenderTheta: AI:Packer.80DAC57717
ALYac: Trojan.AutoIt.Gen
VBA32: Trojan.AutoIt
Malwarebytes: Spyware.HawkEyeKeyLogger
TrendMicro-HouseCall: Trojan.AutoIt.CRYPTINJECT.SMA
Ikarus: Trojan.Autoit
Fortinet: W32/Injector.EDGR!tr
AVG: AutoIt:Injector-JM [Trj]
Cybereason: malicious.8517a0
Panda: Trj/CI.A

How to remove AIT:Trojan.Nymeria.1733?

AIT:Trojan.Nymeria.1733 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
