Exploit:Win32/CVE-2018-8453.A removal guide

Exploit:Win32/CVE-2018-8453.A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Exploit:Win32/CVE-2018-8453.A virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Exploit:Win32/CVE-2018-8453.A?


File Info:

crc32: 673E29B3
md5: ac29fb1acaa2600f7db1fe9072f9c913
name: lpe.exe
sha1: dc3913a99092419b69b510fab27d38796b0b82a3
sha256: 89238961a6ae82ba0a84711a3c5920bf8a3b07f74ab0eb6eaa14f4d957a0ed46
sha512: bbbcec24875cdfd6a7517cd751735d2eb66aa4dc5e681f48d2ceda08e628b85fd6763b1c05df1bf074af23b3307f488330f88f2c095b1f0d124eb2b23e5d3f5a
ssdeep: 3072:1LFrb30BRtBZZg+i2ayy2RjLTuVyu7CJDgoMT3QFMAp3mxUo:ZJ0BXScFy2RsQJ8zgRdm
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Exploit:Win32/CVE-2018-8453.A also known as:

Bkav: W32.AIDetectVM.malware2
MicroWorld-eScan: DeepScan:Generic.Ransom.Sodinokibi.B9A407C6
FireEye: Generic.mg.ac29fb1acaa2600f
Qihoo-360: Win32/Trojan.Ransom.fb6
McAfee: Ransom-Sodnkibi!AC29FB1ACAA2
Cylance: Unsafe
K7AntiVirus: Trojan ( 0054d99c1 )
BitDefender: DeepScan:Generic.Ransom.Sodinokibi.B9A407C6
K7GW: Trojan ( 0054d99c1 )
Cybereason: malicious.acaa26
TrendMicro: Ransom.Win32.SODINOKIB.SMTH
BitDefenderTheta: Gen:NN.ZexaF.34090.kuW@a0TAswf
F-Prot: W32/Ransom.AFI
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Ransomware.Sodinokibi-7013612-0
GData: DeepScan:Generic.Ransom.Sodinokibi.B9A407C6
Kaspersky: HEUR:Trojan-Ransom.Win32.Gen.gen
Alibaba: Ransom:Win32/generic.ali2000010
NANO-Antivirus: Virus.Win32.Gen.ccmw
AegisLab: Trojan.Win32.Gen.j!c
Tencent: Win32.Trojan.Filecoder.Lmuj
Ad-Aware: DeepScan:Generic.Ransom.Sodinokibi.B9A407C6
Emsisoft: DeepScan:Generic.Ransom.Sodinokibi.B9A407C6 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
Zillya: Trojan.Filecoder.Win32.12417
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.MultiPlug.cc
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Ransom.Sodinokibi
Cyren: W32/Ransom.LQBV-3864
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan[Ransom]/Win32.Gen
Endgame: malicious (high confidence)
Arcabit: DeepScan:Generic.Ransom.Sodinokibi.B9A407C6
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Gen.gen
Microsoft: Exploit:Win32/CVE-2018-8453.A
Acronis: suspicious
VBA32: BScope.Exploit.Nekto
ALYac: Trojan.Ransom.Sodinokibi
MAX: malware (ai score=83)
Malwarebytes: Ransom.Sodinokibi
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Filecoder.Sodinokibi.B
TrendMicro-HouseCall: Ransom.Win32.SODINOKIB.SMTH
Rising: Ransom.Sodin!8.10CD8 (CLOUD)
SentinelOne: DFI – Malicious PE
eGambit: Unsafe.AI_Score_52%
Fortinet: W32/Sodinokibi.B!tr.ransom
AVG: Win32:Trojan-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Exploit:Win32/CVE-2018-8453.A?

Exploit:Win32/CVE-2018-8453.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
