Dropped:Trojan.Generic.12157355 removal tips

Dropped:Trojan.Generic.12157355 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Dropped:Trojan.Generic.12157355 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Performs HTTP requests potentially not found in PCAP.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify Dropped:Trojan.Generic.12157355?


File Info:

name: 4837C61CB58BB1C99207.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-11-11 13:43:17

Version Info:

0: [No Data]

Dropped:Trojan.Generic.12157355 also known as:

Bkav: W32.AIDetect.malware1
DrWeb: Trojan.DownLoad3.31989
MicroWorld-eScan: Dropped:Trojan.Generic.12157355
FireEye: Generic.mg.4837c61cb58bb1c9
ALYac: Dropped:Trojan.Generic.12157355
Cylance: Unsafe
Zillya: Trojan.OnionDuke.Win32.5
K7AntiVirus: Trojan ( 004b0eb01 )
K7GW: Trojan ( 004b0eb01 )
Cybereason: malicious.cb58bb
BitDefenderTheta: AI:Packer.CF7ABE931F
VirIT: Trojan.Win32.DownLoad3.BVIJ
Cyren: W32/Agent.EUZ.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/OnionDuke.B
APEX: Malicious
Kaspersky: VHO:Backdoor.Win32.MiniDuke.gen
BitDefender: Dropped:Trojan.Generic.12157355
NANO-Antivirus: Trojan.Win32.DownLoad3.cwhjiq
Avast: Win32:Malware-gen
Rising: Backdoor.Miniduke!8.4821 (TFE:dGZlOgXYitmE3nRmew)
Ad-Aware: Dropped:Trojan.Generic.12157355
VIPRE: Dropped:Trojan.Generic.12157355
McAfee-GW-Edition: BehavesLike.Win32.MultiPlug.ch
Trapmine: malicious.high.ml.score
Emsisoft: Dropped:Trojan.Generic.12157355 (B)
SentinelOne: Static AI – Suspicious PE
GData: Dropped:Trojan.Generic.12157355
Jiangmin: Backdoor.MiniDuke.c
Google: Detected
Avira: TR/Crypt.ZPACK.Gen4
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Generic.ASMalwS.330C
Arcabit: Trojan.Generic.DB981AB
Microsoft: Trojan:Win32/Sabsik.TE.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.Gen
VBA32: BScope.Backdoor.Miniduke
Malwarebytes: Malware.AI.2679895058
Yandex: Trojan.OnionDuke!3apOCpPR3zE
Ikarus: Trojan.Win32.Onionduke
Fortinet: W32/Generic.AC.38E0D7!tr
AVG: Win32:Malware-gen

How to remove Dropped:Trojan.Generic.12157355?

Dropped:Trojan.Generic.12157355 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.