Dropped:Trojan.Generic.3126104 removal tips

Dropped:Trojan.Generic.3126104 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Dropped:Trojan.Generic.3126104 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • HTTPS urls from behavior.
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system

How to identify Dropped:Trojan.Generic.3126104?


File Info:

name: 1F109757EBC2320A8FA9.mlw
path: /opt/CAPEv2/storage/binaries/125d423c78019d7e938ca16a720df9cef484d3fc86b4936def3f886fd424ced6
crc32: 9CCA3C2C
md5: 1f109757ebc2320a8fa981765e3c8e51
sha1: b63afeff26cf1e0522b6f3fe41426ab800354a7e
sha256: 125d423c78019d7e938ca16a720df9cef484d3fc86b4936def3f886fd424ced6
sha512: 7b6a57c753faf24f08bfe77ecfc7202f594b97ed0ffb7f52d33b48c70089f344107a384ca0aed7757c47ed90a11c931ee0870e2f0db8d089663874c1e75aa33b
ssdeep: 49152:wN8Aa5rcpm4jTOYUEZ94WwdVIXY2g/o47x:s1hjxp+II26ow
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DBA5230152C480ABE5F9077098EB516B5BB9BDC05E79339FC018B0AD8933BD1E6B172B
sha3_384: 59beda8004fda0b5586ed9247102268c3859aa915fd54ea3e61f5edfde5a9a52db0d039c5616a2e12605eb1e1ca87b4b
ep_bytes: e80a000000e97affffffcccccccccc8b
timestamp: 2004-08-04 06:01:37

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Win32 Cabinet Self-Extractor
FileVersion: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
InternalName: Wextract
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: WEXTRACT.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.00.2900.2180
Translation: 0x0409 0x04b0

Dropped:Trojan.Generic.3126104 also known as:

Lionic: Trojan.Win32.Agent.4!c
DrWeb: Trojan.DownLoad.23641
MicroWorld-eScan: Dropped:Trojan.Generic.3126104
FireEye: Generic.mg.1f109757ebc2320a
ALYac: Dropped:Trojan.Generic.3126104
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_70% (W)
Alibaba: TrojanDownloader:Win32/Dloadr.e84c6806
K7GW: Trojan-Downloader ( 0005219c1 )
K7AntiVirus: Trojan-Downloader ( 0005219c1 )
BitDefenderTheta: AI:Packer.BB54D96D1D
Cyren: W32/Downloader.BKJB-3868
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Agent.OOJ
Avast: Win32:Trojan-gen
ClamAV: Win.Downloader.62583-1
Kaspersky: Trojan-Downloader.Win32.Agent.ayxc
BitDefender: Dropped:Trojan.Generic.3126104
NANO-Antivirus: Trojan.Win32.Agent.dwrcpj
Tencent: Win32.Trojan-downloader.Agent.Dzae
Ad-Aware: Dropped:Trojan.Generic.3126104
Emsisoft: Dropped:Trojan.Generic.3126104 (B)
Comodo: TrojWare.Win32.Downloader.Small.ai17@1ozpgg
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: generic!bg.f
Sophos: Mal/Generic-S
Paloalto: generic.ml
GData: Dropped:Trojan.Generic.3126104
Jiangmin: TrojanDownloader.Agent.anvw
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.17A779
Kingsoft: Win32.HeurC.KVMH012.a.(kcloud)
ZoneAlarm: HEUR:Trojan-Downloader.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
McAfee: Artemis!1F109757EBC2
MAX: malware (ai score=94)
VBA32: Trojan.Downloader.2713
APEX: Malicious
Rising: Trojan.DL.Win32.Mnless.btd (CLOUD)
eGambit: Generic.Downloader
Fortinet: W32/Agent.AXC!tr.dldr
AVG: Win32:Trojan-gen

How to remove Dropped:Trojan.Generic.3126104?

Dropped:Trojan.Generic.3126104 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.