Dropped:Generic.Malware.SWXi.5CB39A03 (file analysis)

Dropped:Generic.Malware.SWXi.5CB39A03 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Dropped:Generic.Malware.SWXi.5CB39A03 virus do?

  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Deletes its original binary from disk
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Dropped:Generic.Malware.SWXi.5CB39A03?


File Info:

crc32: F3918594
md5: 2df1c46d2fe749e4ddce7b6ca99caa65
name: 2DF1C46D2FE749E4DDCE7B6CA99CAA65.mlw
sha1: 534a3bc94b42ca665ed262e3a8614222954aba54
sha256: 01e06d52940ee68fb173a2b6eaaf74989b435cb99d21f4603e6ec53783229d30
sha512: 74ed77a1ec3ce1be30779ec7394940977279d124f90dff34e72a68f09104b255cc7f3d3b332f2f7bb4b8d37fa872893f5ceec4652f83715f772ca5a3fdf781c1
ssdeep: 3072:/cL0bUTppDAYzIMUNRD5b0zs7y4JTrjNC7puEEMohqTY9V2:bbUTp1VUjD5as7y4JTrjIpMM6V4
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: Mozilla Corporation
FileVersion: 43.0.1
CompanyName: Mozilla Corporation
LegalTrademarks: Firefox is a Trademark of The Mozilla Foundation.
ProductName: Firefox
ProductVersion: 43.0.1
FileDescription: Mozilla Maintenance Service Installer
OriginalFilename: maintenanceservice_installer.exe
Translation: 0x0409 0x04b0

Dropped:Generic.Malware.SWXi.5CB39A03 also known as:

Elastic: malicious (high confidence)
DrWeb: BackDoor.Swz.125
ALYac: Dropped:Generic.Malware.SWXi.5CB39A03
Cylance: Unsafe
Cybereason: malicious.d2fe74
Cyren: W32/Trojan.NDFR-2242
Avast: Win32:DCom-AA [Expl]
ClamAV: Win.Exploit.DCOM-5
BitDefender: Dropped:Generic.Malware.SWXi.5CB39A03
MicroWorld-eScan: Dropped:Generic.Malware.SWXi.5CB39A03
Ad-Aware: Dropped:Generic.Malware.SWXi.5CB39A03
McAfee-GW-Edition: Exploit-DcomRpc.g.gen
FireEye: Dropped:Generic.Malware.SWXi.5CB39A03
Emsisoft: Dropped:Generic.Malware.SWXi.5CB39A03 (B)
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Dropped:Generic.Malware.SWXi.5CB39A03
McAfee: Exploit-DcomRpc.g.gen
MAX: malware (ai score=83)
Malwarebytes: Malware.AI.2941585828
Rising: Virus.Futu!1.B2CB (CLASSIC)
AVG: Win32:DCom-AA [Expl]

How to remove Dropped:Generic.Malware.SWXi.5CB39A03?

Dropped:Generic.Malware.SWXi.5CB39A03 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
