Malware

What is “Application.Strictor.115298”?

Malware Removal

The Application.Strictor.115298 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Strictor.115298 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Enumerates running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Detects Bochs through the presence of a registry key
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to determine Application.Strictor.115298?



File Info:

name: B03F2EA98D8F573AF437.mlw
path: /opt/CAPEv2/storage/binaries/ad0e96add92365f0294adb04a0d940b81c95141af6c1699be8fa706e5c34bd26
crc32: E341DD2B
md5: b03f2ea98d8f573af437a49a72359836
sha1: d8d564c6c5f4954588121dbf05f74f0e5961ad27
sha256: ad0e96add92365f0294adb04a0d940b81c95141af6c1699be8fa706e5c34bd26
sha512: 1784bcea1e6dcf58b53f31206c3fde9d15b84c481a2f7fd569a83d4ff44b22dfb60ad04a0aaa991de882136ca9c5ff32e1bc0588ec8e05953b9a20b22bea439a
ssdeep: 49152:WQeeMNnno1pxdxy8zBsaHmuhygPFoX9mTj8Akky8onaIpda3F7wJxthfWY6SU9:WQee4o15gcqgm+ygPFoUEdkyTnaEtAJf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DBE522052DC116AAED130EB7DCDEDDC38BE9FB14B36B065B76856B2823E59294005F32
sha3_384: d9375f6f1c12c94972c6eb74f57de61344292e9a16d08e60f18f4c52936b672a2ab86d2e89169ca37964e69d74d9c97d
ep_bytes: 558bec6aff682821400068a01e400064
timestamp: 2011-01-31 17:44:13


Version Info:

0: [No Data]

Application.Strictor.115298 also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Application.Strictor.115298
FireEyeGeneric.mg.b03f2ea98d8f573a
ALYacGen:Variant.Application.Strictor.115298
CylanceUnsafe
SangforTrojan.Win32.Kaymundler.8
Cybereasonmalicious.98d8f5
CyrenW32/Adload.CI.gen!Eldorado
SymantecTrojan.Gen.2
ESET-NOD32multiple detections
APEXMalicious
Paloaltogeneric.ml
Kasperskynot-a-virus:HEUR:AdWare.Win32.Generic
BitDefenderGen:Variant.Application.Strictor.115298
NANO-AntivirusRiskware.Win32.Amonetize.eivsob
AvastWin32:Dropper-gen [Drp]
TencentTrojan.Win32.BitCoinMiner.la
Ad-AwareGen:Variant.Application.Strictor.115298
SophosTroj/Addrop-J
ComodoApplicUnwnt@#1ucy3gnz5qe10
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionBehavesLike.Win32.Dropper.vc
EmsisoftGen:Variant.Application.Strictor.115298 (B)
IkarusTrojan-Dropper.Kaymundler
GDataGen:Variant.Application.Strictor.115298
WebrootW32.Malware.Gen
AviraADWARE/Amonetize.Gen7
MAXmalware (ai score=77)
KingsoftWin32.Troj.Generic_a.a.(kcloud)
MicrosoftTrojanDropper:Win32/Kaymundler.C
CynetMalicious (score: 99)
AhnLab-V3PUP/Win32.OutBrowse.R189773
McAfeeArtemis!B03F2EA98D8F
MalwarebytesMalware.AI.4039554766
RisingTrojan.Generic@ML.98 (RDMK:3ldz0sNAbJ6kFo7dNk+FGA)
YandexPUA.Agent!N8LzYFJyUMg
SentinelOneStatic AI – Suspicious PE
FortinetRiskware/Amonetize
AVGWin32:Dropper-gen [Drp]
PandaTrj/CI.A
CrowdStrikewin/malicious_confidence_60% (D)

How to remove Application.Strictor.115298?

Application.Strictor.115298 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment