
Application.Heur.dmKfkKISluiO information


Application.Heur.dmKfkKISluiO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Application.Heur.dmKfkKISluiO virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Unconventional language used in binary resources: Hebrew
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Application.Heur.dmKfkKISluiO?


File Info:

name: 9D81EDB8DBE9102310A0.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-08-01 17:00:08

Version Info:

CompanyName: NirSoft
FileDescription: RouterPassView
FileVersion: 1.33
InternalName: RouterPassView
LegalCopyright: Copyright © 2010 - 2011 Nir Sofer
OriginalFilename: RouterPassView.exe
ProductName: RouterPassView
ProductVersion: 1.33
Translation: 0x0409 0x04b0

Application.Heur.dmKfkKISluiO also known as:

Lionic: Riskware.Win32.Dmkfkkisluio.1!c
MicroWorld-eScan: Gen:Application.Heur.dmKfkKISluiO
FireEye: Generic.mg.9d81edb8dbe91023
McAfee: HTool-PassView
Cylance: Unsafe
Cybereason: malicious.8dbe91
Cyren: W32/S-2d44635c!Eldorado
ESET-NOD32: a variant of Win32/PSWTool.RouterPassView.B potentially unsafe
APEX: Malicious
BitDefender: Gen:Application.Heur.dmKfkKISluiO
NANO-Antivirus: Riskware.Win32.PassView.cocrxe
Ad-Aware: Gen:Application.Heur.dmKfkKISluiO
DrWeb: Tool.PassView.733
VIPRE: Nirsoft Password Recovery (not malicious)
TrendMicro: HackTool.Win32.NirsoftPT.SM
Emsisoft: Gen:Application.Heur.dmKfkKISluiO (B)
Ikarus: Gen.Application.Heur
GData: Gen:Application.Heur.dmKfkKISluiO
MAX: malware (ai score=78)
Antiy-AVL: Trojan/Generic.ASMalwS.2B75D20
ViRobot: Adware.Agent.59392.M
Microsoft: Trojan:Win32/Occamy.C14
ALYac: Gen:Application.Heur.dmKfkKISluiO
Malwarebytes: RiskWare.PasswordTool
TrendMicro-HouseCall: HackTool.Win32.NirsoftPT.SM
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/RouterPassView

How to remove Application.Heur.dmKfkKISluiO?

Application.Heur.dmKfkKISluiO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
