
Dropped:Trojan.Generic.5044701 information


Dropped:Trojan.Generic.5044701 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Dropped:Trojan.Generic.5044701 virus do?

  • Drops a binary and executes it
  • Unconventional language used in binary resources: Korean
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Dropped:Trojan.Generic.5044701?


File Info:

name: 5ABE72585B2E9204906B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2008-04-13 18:32:45

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Win32 Cabinet Self-Extractor
FileVersion: 6.00.2900.5512 (xpsp.080413-2105)
InternalName: Wextract
LegalCopyright: (C)Microsoft Corporation. All rights reserved.
OriginalFilename: WEXTRACT.EXE
ProductName: Microsoft(R) Windows(R) Operating System
ProductVersion: 6.00.2900.5512
Translation: 0x0412 0x04b0

Dropped:Trojan.Generic.5044701 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Dropped:Trojan.Generic.5044701
ClamAV: Win.Malware.Buzus-6981596-0
FireEye: Generic.mg.5abe72585b2e9204
CAT-QuickHeal: Trojan.Buzus.9827
Skyhigh: BehavesLike.Win32.Generic.tc
ALYac: Dropped:Trojan.Generic.5044701
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Dropped:Trojan.Generic.5044701
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 004c01941 )
K7GW: Trojan ( 004c01941 )
VirIT: Trojan.Win32.Generic.BKZK
Symantec: W32.Ackantta!Dr
ESET-NOD32: Win32/Merond.O
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: Virus.Win32.Cabres.a
BitDefender: Dropped:Trojan.Generic.5044701
NANO-Antivirus: Trojan.Win32.Buzus.btthy
Avast: Win32:Delf-NUF [Trj]
Emsisoft: Dropped:Trojan.Generic.5044701 (B)
F-Secure: Dropper.DR/Delphi.Gen
DrWeb: BackDoor.Poison.686
TrendMicro: WORM_PROLACO.SMX
Sophos: W32/Cabble-A
SentinelOne: Static AI – Suspicious SFX
GData: Dropped:Trojan.Generic.5044701
Jiangmin: Trojan/Buzus.aphr
Google: Detected
Avira: DR/Delphi.Gen
Antiy-AVL: Trojan/Win32.Buzus
Xcitium: Malware@#1pmcoyj0gvybg
Arcabit: Trojan.Generic.D4CF9DD
ZoneAlarm: Virus.Win32.Cabres.a
Microsoft: VirTool:Win32/DelfInject
Varist: W32/Trojan.TMKA-3154
McAfee: GenericRXAA-AA!5988F5EEA2E0
MAX: malware (ai score=89)
VBA32: Trojan.Buzus
Cylance: unsafe
Panda: Generic Suspicious
TrendMicro-HouseCall: WORM_PROLACO.SMX
Rising: Backdoor.Androm!8.113 (TFE:4:Ti79zbC6A2N)
Ikarus: Virus.Win32.DelfInject
MaxSecure: Virus.Win32.Cabres.A
Fortinet: W32/Injector.fam!tr
BitDefenderTheta: AI:Packer.DCFF6F721E
AVG: Win32:Delf-NUF [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Dropped:Trojan.Generic.5044701?

Dropped:Trojan.Generic.5044701 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
