AIT:Trojan.Nymeria.4550 (B) removal tips

AIT:Trojan.Nymeria.4550 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the AIT:Trojan.Nymeria.4550 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify AIT:Trojan.Nymeria.4550 (B)?


File Info:

name: C5C5726B2FE81AAB9CFA.mlw
path: /opt/CAPEv2/storage/binaries/5e1d70494d197d1d5dafa02c8e99cd6f3965bf83d1e1d314b0ec306a125889f5
crc32: A11A32B1
md5: c5c5726b2fe81aab9cfa406fcb5ca558
sha1: 4b4207332e02ca90907e500a7ac37d171ac1a03b
sha256: 5e1d70494d197d1d5dafa02c8e99cd6f3965bf83d1e1d314b0ec306a125889f5
sha512: 5ce8e8789a124f56ae976d0cbfd3e47d36c14b6a7a2db1879b08d15d0d55855b0e380c9d9e51c6ef3f757c08bbc1b3eb30ed7cc42f8b6414212f01479bdaeef2
ssdeep: 49152:BkxOm+7TjsPnztyDMYPLrMH9pP9JrI5BVOfIqJbWtTjGiONEh:BJotyD1MhJkROmtTj/jh
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1B0E5D09933A891A9FEB7E077C602C257C6B17C4A4277872F01E06AB67F736711A1E311
sha3_384: 974bb0c859de15e180d4baa788559b3748d34299761e880785e4ca2530ce873b8e5d43d199c8da62fd781e63a9d04f97
ep_bytes: 4883ec28e8bfb300004883c428e936fe
timestamp: 2021-12-07 08:37:15

Version Info:

FileVersion: 3.3.14.5
Comments: http://www.autoitscript.com/autoit3/
FileDescription: RSImageX2.83
ProductVersion: 3.3.14.5
LegalCopyright: ©1999-2018 Jonathan Bennett & AutoIt Team
Translation: 0x0409 0x04b0

AIT:Trojan.Nymeria.4550 (B) also known as:

Lionic: Trojan.Win32.Nymeria.4!c
MicroWorld-eScan: AIT:Trojan.Nymeria.4550
FireEye: Generic.mg.c5c5726b2fe81aab
McAfee: Artemis!C5C5726B2FE8
Cylance: Unsafe
Alibaba: Trojan:Win32/Injector.2266a80f
ESET-NOD32: a variant of Win32/Injector.Autoit.SQ
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 99)
BitDefender: AIT:Trojan.Nymeria.4550
Avast: Win64:Trojan-gen
Ad-Aware: AIT:Trojan.Nymeria.4550
Sophos: Generic ML PUA (PUA)
TrendMicro: TROJ_GEN.R002C0PL921
McAfee-GW-Edition: BehavesLike.Win64.Emotet.wm
Emsisoft: AIT:Trojan.Nymeria.4550 (B)
GData: AIT:Trojan.Nymeria.4550
Avira: HEUR/AGEN.1143731
Gridinsoft: Ransom.Win64.Sabsik.sa
Arcabit: AIT:Trojan.Nymeria.D11C6
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ALYac: AIT:Trojan.Nymeria.4550
MAX: malware (ai score=86)
Malwarebytes: Malware.AI.2630883
TrendMicro-HouseCall: TROJ_GEN.R002C0PL921
Ikarus: Trojan.Win32.Injector
Fortinet: AutoIt/Injector.FO!tr
AVG: Win64:Trojan-gen
Cybereason: malicious.b2fe81

How to remove AIT:Trojan.Nymeria.4550 (B)?

AIT:Trojan.Nymeria.4550 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
