Should I remove “Dropped:Trojan.Generic.11664888”?

Malware Removal

Dropped:Trojan.Generic.11664888 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
6-day free trial available.

What can the Dropped:Trojan.Generic.11664888 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Starts servers listening on 127.0.0.1:0
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering

How to identify Dropped:Trojan.Generic.11664888?

File Info:

name: 04889D3EA48B2C6BDB59.mlw
path: /opt/CAPEv2/storage/binaries/d5950afb126b29de89e00d4688f08848b896949c29e5037a78e89c6804c77dc6
crc32: CDA543CB
md5: 04889d3ea48b2c6bdb59c80d7c01ffa8
sha1: 7787ac5351c499750ec7784907fe8f292ed23375
sha256: d5950afb126b29de89e00d4688f08848b896949c29e5037a78e89c6804c77dc6
sha512: 07c3fdb5063698f2c0b20f624a11ed548691ed90dd079c03014773bf3e1547599f55a45bf40e7a12b6a8f18e6cc9472552bd3a3a754f4184f6860163fb152858
ssdeep: 6144:S50gUCqWhefYIeLX+ULIO3m95twAuZ+cL0udOIjWM8AvA7KGbN9cfjUiWQZCC:k0gm9YIczVmjuldONAvA7KGbNuwex
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13D8412A6AFE65532FDD10AB11AB142A7C66ABD310C34C61F77507ECE3E709428D28B53
sha3_384: b4f2cbc80fab2c7193b8b5c9d246a395c88a887abefe386f4a0077e9bfd53b43a2c29a06dd01d6709aca3e967e11d85b
ep_bytes: 81ecd4020000535556576a2033ed5e89
timestamp: 2012-02-24 19:20:04

Version Info:

Translation: 0x0409 0x04b0
CompanyName: MinesX
ProductName: takens
FileVersion: 1.00
ProductVersion: 1.00
InternalName: end2
OriginalFilename: end2.exe

Dropped:Trojan.Generic.11664888 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Dropped:Trojan.Generic.11664888
FireEye: Generic.mg.04889d3ea48b2c6b
ALYac: Dropped:Trojan.Generic.11664888
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.2567830
K7AntiVirus: Trojan ( 004ac2eb1 )
K7GW: Trojan ( 004ac2eb1 )
Cybereason: malicious.ea48b2
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: multiple detections
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Ransomware.Sodinokibi-9887839-0
Kaspersky: Trojan-Dropper.Win32.NSIS.xjr
BitDefender: Dropped:Trojan.Generic.11664888
NANO-Antivirus: Trojan.Win32.TrjGen.dewemv
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-dropper.Nsis.Eom
Ad-Aware: Dropped:Trojan.Generic.11664888
Emsisoft: Dropped:Trojan.Generic.11664888 (B)
DrWeb: Trojan.Siggen1.63828
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Sophos: Generic PUA HH (PUA)
SentinelOne: Static AI – Suspicious PE
GData: Dropped:Trojan.Generic.11664888
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1122441
Kingsoft: Win32.Troj.Undef.(kcloud)
ViRobot: Trojan.Win32.Z.Ymacco.386851
Microsoft: Program:Win32/Wacapew.C!ml
Cynet: Malicious (score: 99)
AhnLab-V3: PUP/Win32.Helper.R346731
McAfee: Artemis!04889D3EA48B
MAX: malware (ai score=87)
VBA32: TrojanDropper.xjr
TrendMicro-HouseCall: TROJ_GEN.R002H0CKM21
Ikarus: Trojan.SuspectCRC
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen

How to remove Dropped:Trojan.Generic.11664888?

Dropped:Trojan.Generic.11664888 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.