AIT:Trojan.Nymeria.4564 (B) malicious file

AIT:Trojan.Nymeria.4564 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the AIT:Trojan.Nymeria.4564 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Portuguese (Brazil)
  • Unconventional language used in binary resources: Portuguese (Brazilian)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify AIT:Trojan.Nymeria.4564 (B)?

File Info:

name: 76CDFBFA8534299312B4.mlw
path: /opt/CAPEv2/storage/binaries/349e2fd177861f2aa7cf9bbe9e99babccea3668ebcdcc89ef47ca82d31a3eb66
crc32: CE7C70A0
md5: 76cdfbfa8534299312b489537daaf413
sha1: f79e3b09191147ae0f6a566602e5361f058296fa
sha256: 349e2fd177861f2aa7cf9bbe9e99babccea3668ebcdcc89ef47ca82d31a3eb66
sha512: 54631a75ad52ba51bd4f9bc18e32939b00e341f8f423ca3ffd588c0fb631b491ea313c523d8512d7e1e9395f757f1cf0a83c8c221cee02f1bdbe321e527f7a24
ssdeep: 24576:CAHnh+eWsN3skA4RV1Hom2KXMmHaxobV1RasTVUdWqXowo456:Fh+ZkldoPK8YaxoB1ksuh9r6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A345AD0273D18036FFABA2739B65B28596BE79250273D42F53D81DBAB8701B1172D273
sha3_384: e43c9cf4c9f4a890dd437189cd2312405b16d53512b41e75c58eca78095e17a75a2b9c86c82cafad4a559b1549f8fdd3
ep_bytes: e8c8d00000e97ffeffffcccccccccccc
timestamp: 2021-07-22 05:14:45

Version Info:

FileVersion: 2021.7.22.781
Comments: yOwl
FileDescription: yOwl Settings
ProductVersion: 2021.7.22.781
CompanyName: YDreams Global
LegalCopyright: YDreams Global
OriginalFileName: yowl-settings.exe
ProductName: yOwl Settings
Translation: 0x0416 0x04b0

AIT:Trojan.Nymeria.4564 (B) also known as:

Bkav: W32.AIDetect.malware1
Lionic: Hacktool.Win32.Gamehack.3!e
Cynet: Malicious (score: 100)
FireEye: AIT:Trojan.Nymeria.4564
McAfee: Artemis!76CDFBFA8534
Cylance: Unsafe
Paloalto: generic.ml
ClamAV: Win.Trojan.Nymeria-9889447-0
BitDefender: AIT:Trojan.Nymeria.4564
MicroWorld-eScan: AIT:Trojan.Nymeria.4564
Ad-Aware: AIT:Trojan.Nymeria.4564
Emsisoft: AIT:Trojan.Nymeria.4564 (B)
McAfee-GW-Edition: Artemis
GData: AIT:Trojan.Nymeria.4564 (2x)
Microsoft: Trojan:Win32/Wacatac.B!ml
ALYac: AIT:Trojan.Nymeria.4564
MAX: malware (ai score=89)
Malwarebytes: MachineLearning/Anomalous.100%
TrendMicro-HouseCall: TROJ_GEN.R002H09H321
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat

How to remove AIT:Trojan.Nymeria.4564 (B)?

AIT:Trojan.Nymeria.4564 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.