Application.Generic.1849042 removal guide

Application.Generic.1849042 is BitDefender's generic detection name for this sample; most of the engines listed below flag it as malicious, and the vendors that assign a family name call it either Trojan.Win32.Kolovorot or a packed FlyStudio (Easy Language) binary, which matches the version resource shown below. While it is running you may notice an unfamiliar process in Task Manager and new listening ports. In that case, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and, if the wrong files are deleted, can damage the system. We recommend using GridinSoft Anti-Malware for removal; the trial version allows a full scan and cleanup of the PC.
6-day free trial available.

What can Application.Generic.1849042 do?

These are the sandbox (CAPE) signatures the sample triggered, with what each one means in practice:

  • SetUnhandledExceptionFilter detected (possible anti-debug): the program installs a top-level exception filter and then raises an exception on purpose. With a debugger attached, Windows hands the exception to the debugger instead of calling the filter, so the filter never runs and the program can tell it is being debugged.
  • Dynamic (imported) function loading detected: APIs are resolved at run time (LoadLibrary/GetProcAddress) rather than through the import table, which keeps them out of static import analysis.
  • Starts servers listening on 0.0.0.0:5217, 0.0.0.0:5317 and 0.0.0.0:36698: binding to 0.0.0.0 exposes the listeners on every network interface, not only on localhost, so they are reachable from the network unless the host firewall blocks them.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified); the version resource below is tagged with language 0x0804 (zh-CN).
  • Authenticode signature is invalid: the signature does not validate (tampered, unsigned or a broken chain), so the file carries no trustworthy publisher identity and should be treated as unsigned.
  • Sniffs keystrokes: keylogger behaviour.
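A practical check for the third indicator is to look at which processes hold the listening ports on a host. The script below is an added example, not part of the original page or of the GridinSoft or CAPE tooling: it parses the text output of `netstat -ano` (run as Administrator, saved to a file or piped in) and reports every process bound to one of the ports above, distinguishing a 0.0.0.0 / [::] wildcard bind from a loopback-only one. The `NETSTAT_SAMPLE` block and its PIDs are constructed for this example.

```python
"""Find processes listening on the ports this sample opens, from netstat -ano output.

Added example; not code from the page, GridinSoft or CAPE. The sample
output below is constructed, the PIDs in it are made up.
"""
import sys

# Ports from the sandbox signature "Starts servers listening on 0.0.0.0:...".
IOC_PORTS = {5217, 5317, 36698}

# Local addresses that mean "every interface" in netstat output (IPv4 and IPv6).
WILDCARD_HOSTS = {"0.0.0.0", "[::]"}

# Constructed `netstat -ano` output for this example (not a real capture).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       948
  TCP    0.0.0.0:5217           0.0.0.0:0              LISTENING       4120
  TCP    0.0.0.0:5317           0.0.0.0:0              LISTENING       4120
  TCP    0.0.0.0:36698          0.0.0.0:0              LISTENING       4120
  TCP    127.0.0.1:5317         0.0.0.0:0              LISTENING       2212
  TCP    192.168.1.20:49712     52.97.201.18:443       ESTABLISHED     3304
  TCP    [::]:5217              [::]:0                 LISTENING       4120
  UDP    0.0.0.0:5353           *:*                                    1788
"""


def split_host_port(addr: str):
    """'0.0.0.0:5217' -> ('0.0.0.0', 5217); '[::]:5217' -> ('[::]', 5217)."""
    host, _, port = addr.rpartition(":")
    return host, int(port)


def parse_netstat(text: str):
    """Yield one dict per socket line of `netstat -ano` output."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header and blank lines
        proto = fields[0]
        host, port = split_host_port(fields[1])
        if proto == "TCP":
            state, pid = fields[3], int(fields[4])
        else:
            state, pid = "", int(fields[3])  # UDP lines have no State column
        yield {"proto": proto, "host": host, "port": port, "state": state,
               "pid": pid, "wildcard": host in WILDCARD_HOSTS}


def find_ioc_listeners(text: str, ports=IOC_PORTS):
    """Sockets bound to an IOC port: TCP must be LISTENING, any bound UDP socket counts."""
    return [s for s in parse_netstat(text)
            if s["port"] in ports and (s["proto"] == "UDP" or s["state"] == "LISTENING")]


def suspect_pids(text: str, ports=IOC_PORTS):
    """PIDs exposing an IOC port on all interfaces, the pattern the sandbox reported."""
    return {s["pid"] for s in find_ioc_listeners(text, ports) if s["wildcard"]}


if __name__ == "__main__":
    # Usage: python check_listeners.py netstat.txt   (no argument: built-in sample)
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else NETSTAT_SAMPLE
    for s in find_ioc_listeners(data):
        scope = "ALL INTERFACES" if s["wildcard"] else "local only"
        print(f"{s['proto']} {s['host']}:{s['port']} pid={s['pid']} ({scope})")
    print("suspect PIDs:", sorted(suspect_pids(data)))
```

The loopback listener on 127.0.0.1:5317 (PID 2212 in the constructed data) is reported but not counted as a suspect, because the sandbox indicator is specifically a wildcard bind; a port collision with a legitimate local service is common, so the bind address matters as much as the port number. On a live host, `Get-NetTCPConnection -State Listen` in PowerShell gives the same information as the TCP lines of `netstat -ano`.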

How to identify Application.Generic.1849042

File Info:

name: 93D63BF55405F00BB3B8.mlw
path: /opt/CAPEv2/storage/binaries/a4256846de95937de46d0a1d39b2647903019a870dd28f3dc03166161abe9300
crc32: F1251B6B
md5: 93d63bf55405f00bb3b8bcf38f80f5c2
sha1: 659f528f300617c1c05c71cebd8a9be7026541d0
sha256: a4256846de95937de46d0a1d39b2647903019a870dd28f3dc03166161abe9300
sha512: e06a7d6ecf10f9b4c6f5289b86d13787a0ab37dcbc60ce9ba5a09bb61106bf030ec1216a81e6d11a819136904425bab79c7446240c7de2f33ba58ab3ede54cc7
ssdeep: 24576:QyKy3CY/jpRkWsUJTF3KE+ecRba2h06/wRJCoEC:QySYVmUJTF8559fRoEC
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DB559D12F1D780B2D342263014AB6339FA759F594B218BCBA7E8FE3C5D32191D6B714A
sha3_384: a025232c2c2a810e0542983d3d73ba867301a0377bd8b195ee4bea6057d5d638d391fefb8f02f6c0c4c86b1eaa42921e
ep_bytes: 558bec6aff68709d51006874674b0064
timestamp: 2018-02-07 15:11:14

Version Info:

FileVersion: 1.0.0.0
FileDescription: S2 Gate Way
ProductName: S2 Gate Way
ProductVersion: 1.0.0.0
CompanyName: 尘 ("dust")
LegalCopyright: S2网关定制版 ("S2 Gateway custom edition")
Comments: 本程序使用易语言编写(http://www.eyuyan.com) ("This program was written in Easy Language", with the Easy Language website http://www.eyuyan.com; FlyStudio in the detection names below is the antivirus name for Easy Language builds)
Translation: 0x0804 0x04b0 (version-resource language and codepage: 0x0804 is Chinese (Simplified, PRC), 0x04b0 is codepage 1200, Unicode; this is the resource language the sandbox flagged as unconventional)
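The File Info above is enough to triage a suspect file offline: compute the same digests, compare them against the listed values, and read the PE header fields the sandbox reported (link timestamp, entry-point bytes, whether an Authenticode blob is attached). The script below is an added example, not code from the page, GridinSoft or CAPE; it uses only the Python standard library. `IOC_HASHES` and `IOC_EP_PREFIX` are copied from the File Info section, while `build_sample_pe()` constructs a stand-in PE32 for exercising the parser, so it will not match the listed hashes.

```python
"""Static triage of a PE32 file against the File Info on this page.

Added example; not code from the page, GridinSoft or CAPE. Standard
library only. The PE built by build_sample_pe() is a constructed stand-in.
"""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Digests copied from the File Info section.
IOC_HASHES = {
    "md5": "93d63bf55405f00bb3b8bcf38f80f5c2",
    "sha1": "659f528f300617c1c05c71cebd8a9be7026541d0",
    "sha256": "a4256846de95937de46d0a1d39b2647903019a870dd28f3dc03166161abe9300",
}
# ep_bytes from File Info: 55 8b ec 6a ff 68 ... = push ebp / mov ebp,esp /
# push -1 / push imm32, the MSVC SEH prologue typical of Easy Language builds.
IOC_EP_PREFIX = bytes.fromhex("558bec6aff68")
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory that points at the Authenticode blob


def hash_bytes(data: bytes) -> dict:
    """The same digests as the File Info block, hex-encoded the same way."""
    out = {"crc32": format(zlib.crc32(data) & 0xFFFFFFFF, "08X")}
    for name in ("md5", "sha1", "sha256", "sha512", "sha3_384"):
        out[name] = hashlib.new(name, data).hexdigest()
    return out


def parse_pe32(data: bytes) -> dict:
    """Minimal PE32 parse: link timestamp, entry-point bytes, Authenticode directory."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe_off + 4
    _machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10b) is handled here")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # Data directories start 96 bytes into a PE32 optional header, 8 bytes each.
    # For the security entry the first field is a raw file offset, not an RVA.
    _sig_off, sig_size = struct.unpack_from(
        "<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    ep_bytes = b""
    sect = opt + opt_size
    for i in range(nsections):  # map the entry RVA to a file offset via the section table
        _name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sect + 40 * i)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)
            ep_bytes = data[off:off + 16]
            break
    return {
        "timestamp": timestamp,
        "timestamp_utc": datetime.fromtimestamp(timestamp, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_rva": entry_rva,
        "ep_bytes": ep_bytes.hex(),
        # A non-empty security directory only means a signature blob is attached.
        # Whether it verifies (the sandbox says it does not) needs a chain check,
        # e.g. signtool verify /pa or osslsigncode verify.
        "has_authenticode_blob": sig_size != 0,
    }


def triage(data: bytes) -> dict:
    """Hashes plus header facts, with match flags against the page's indicators."""
    hashes, pe = hash_bytes(data), parse_pe32(data)
    return {
        **pe, **hashes,
        "matches_ioc_hash": any(hashes[k] == v for k, v in IOC_HASHES.items()),
        "matches_ioc_ep": bytes.fromhex(pe["ep_bytes"]).startswith(IOC_EP_PREFIX),
    }


def build_sample_pe(ep_code: bytes, signed: bool, timestamp: int = 1518016274) -> bytes:
    """Constructed PE32 with one .text section; 1518016274 is the page's 2018-02-07 15:11:14 UTC."""
    pe_off, raw_ptr, vaddr, n_dirs = 0x40, 0x200, 0x1000, 16
    opt_size = 96 + 8 * n_dirs
    raw = ep_code.ljust(0x200, b"\0")
    sig = struct.pack("<IHH", 8, 0x0200, 0x0002) if signed else b""  # bare WIN_CERTIFICATE header
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", pe_off)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<I", opt, 16, vaddr)   # AddressOfEntryPoint = start of .text
    struct.pack_into("<I", opt, 92, n_dirs)  # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         raw_ptr + len(raw), len(sig))
    section = struct.pack("<8sIIIIIIHHI", b".text", len(raw), vaddr, len(raw), raw_ptr,
                          0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + bytes(opt) + section
    return headers.ljust(raw_ptr, b"\0") + raw + sig


if __name__ == "__main__":
    # Usage: python pe_triage.py sample.bin   (no argument: constructed stand-in)
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else \
        build_sample_pe(bytes.fromhex("558bec6aff68709d51006874674b0064"), signed=True)
    for k, v in triage(blob).items():
        print(f"{k}: {v}")
```

Two caveats for real use: a hash match is exact identification but a hash miss means nothing for a repacked build, so the entry-point prefix and the Easy Language version strings are the more durable pivots; and `has_authenticode_blob` only tells you a signature is present, which is exactly the case the sandbox flags as invalid, so follow it with a real verification tool before trusting the publisher.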

Application.Generic.1849042 also known as (detection name by engine):

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.lIa2
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
McAfee: Artemis!93D63BF55405
Cylance: Unsafe
Sangfor: Trojan.Win32.Kolovorot.cjy
K7AntiVirus: Trojan ( 005246d51 )
BitDefender: Application.Generic.1849042
K7GW: Trojan ( 005246d51 )
Cybereason: malicious.55405f
Cyren: W32/Trojan.CLL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Malware.Confidence-6629254-0
Kaspersky: Trojan.Win32.Kolovorot.cjy
Alibaba: Trojan:Win32/Kolovorot.c0cf1f6b
NANO-Antivirus: Trojan.Win32.Kolovorot.fcqqfm
MicroWorld-eScan: Application.Generic.1849042
Rising: Trojan.Generic@AI.92 (RDMK:ZBzwpCptzs7QjNnVxb67PQ)
Ad-Aware: Application.Generic.1849042
Emsisoft: Application.Generic.1849042 (B)
Comodo: Worm.Win32.Dropper.RA@1qraug
F-Secure: Trojan.TR/Kolovorot.sbepd
DrWeb: Trojan.MulDrop8.24671
Zillya: Trojan.Kolovorot.Win32.630
McAfee-GW-Edition: BehavesLike.Win32.Trojan.th
FireEye: Generic.mg.93d63bf55405f00b
Sophos: Generic PUA GF (PUA)
Webroot: W32.Gen.BT
Avira: TR/Kolovorot.sbepd
MAX: malware (ai score=95)
Microsoft: Trojan:Win32/Occamy.CA4
Arcabit: Application.Generic.D1C36D2
ZoneAlarm: Trojan.Win32.Kolovorot.cjy
GData: Win32.Trojan.FlyStudio.S
VBA32: Trojan.Kolovorot
ALYac: Application.Generic.1849042
TACHYON: Trojan/W32.Kolovorot.1372160
Malwarebytes: Trojan.MalPack.FlyStudio
TrendMicro-HouseCall: TROJ_GEN.R014H0CCR22
Tencent: Malware.Win32.Gencirc.11691182
SentinelOne: Static AI – Malicious PE
MaxSecure: Dropper.Dinwod.frindll
Fortinet: W32/Kolovorot.CJY!tr
BitDefenderTheta: Gen:NN.ZexaF.34638.tr0@ayrZ5Yib
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Application.Generic.1849042?

Application.Generic.1849042 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.
  • After the restart, confirm that no process is still listening on TCP ports 5217, 5317 or 36698 (for example with netstat -ano) and that no file with the hashes listed above remains on disk.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
