
Generic.Dacic.11C08DFC.A.65C3C939 information

Malware Removal

The Generic.Dacic.11C08DFC.A.65C3C939 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Dacic.11C08DFC.A.65C3C939 virus do?

  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • .NET file is packed/obfuscated with Confuser
  • Authenticode signature is invalid
  • CAPE detected the MetaStealer malware family
  • Binary compilation timestomping detected
  • Unusual version info supplied for binary

How to identify Generic.Dacic.11C08DFC.A.65C3C939?

File Info:

name: BF68C6FA9EE04147D115.mlw
path: /opt/CAPEv2/storage/binaries/81cbc0460ac793d69a4427996e501ae19f410c61c85ae560400413bb4331a835
crc32: 4DD56739
md5: bf68c6fa9ee04147d1154932819f97f5
sha1: 1579a0883a50478d7f3ca57b211b5bd1dafebbb4
sha256: 81cbc0460ac793d69a4427996e501ae19f410c61c85ae560400413bb4331a835
sha512: 9688d0a9b1148f9e23c3e2c1274550ee0ac97823d58efa6660af5403e86cae5e9c8b6072ef8f7e69266f84794dce098cc93a5ee37e52619570f36c0f6367bc44
ssdeep: 6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10C740B887670FD9EC867C47F8A681C24E6636466570BA203B05317ED993D79AFE070B3
sha3_384: 6982ac3714366485c56a1e5eee74f47d1ddda6265cf2a5dc1d8c1b1e31f0a40266f976732d430343fadb188238391b18
ep_bytes: ff250020400000000000000000000000
timestamp: 2099-05-04 20:00:01

Version Info:

Translation: 0x0000 0x04b0
Comments: Visual Studio Installer
CompanyName:
FileDescription: Microsoft Visual Studio
FileVersion: 15.9.28307.1440
InternalName: Penholder.exe
LegalCopyright: Microsoft Corporation Copyright © 2021
LegalTrademarks:
OriginalFilename: Penholder.exe
ProductName: Visual Studio
ProductVersion: 15.9.28307.1440
Assembly Version: 15.9.28307.1440

Generic.Dacic.11C08DFC.A.65C3C939 also known as:

Bkav: W32.AIDetectMalware.CS
MicroWorld-eScan: Generic.Dacic.11C08DFC.A.65C3C939
ClamAV: Win.Trojan.Generic-9933689-0
CAT-QuickHeal: Trojan.GenericFC.S30117358
Skyhigh: BehavesLike.Win32.Generic.fm
McAfee: GenericRXQD-WB!BF68C6FA9EE0
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.RedLine.Win32.2557
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Spyware ( 0059954d1 )
K7GW: Spyware ( 0059954d1 )
Cybereason: malicious.83a504
VirIT: Trojan.Win32.PSWStealer.ETD
Symantec: ML.Attribute.HighConfidence
Elastic: Windows.Trojan.Generic
ESET-NOD32: a variant of MSIL/Spy.RedLine.I
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender: Generic.Dacic.11C08DFC.A.65C3C939
Avast: Win32:PWSX-gen [Trj]
Tencent: Trojan-Spy.MSIL.Stealer.hbq
Emsisoft: Generic.Dacic.11C08DFC.A.65C3C939 (B)
F-Secure: Heuristic.HEUR/AGEN.1365789
DrWeb: Trojan.PWS.Steam.34493
VIPRE: Generic.Dacic.11C08DFC.A.65C3C939
FireEye: Generic.mg.bf68c6fa9ee04147
Sophos: Mal/Reline-F
Ikarus: Trojan-Spy.MSIL.Redline
GData: MSIL.Trojan-Stealer.Redline.G
Jiangmin: TrojanSpy.MSIL.cyps
Google: Detected
Avira: HEUR/AGEN.1365789
Antiy-AVL: Trojan[Spy]/MSIL.RedLine
Arcabit: Generic.Dacic.11C08DFC.A.65C3C939
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Stealer.gen
Microsoft: Trojan:MSIL/Seraph.RG!MTB
Varist: W32/MSIL_Agent.FCZ.gen!Eldorado
AhnLab-V3: Infostealer/Win.RedLine.C5240602
BitDefenderTheta: Gen:NN.ZemsilF.36744.vm1@aqu2wGc
ALYac: Generic.Dacic.11C08DFC.A.65C3C939
MAX: malware (ai score=80)
VBA32: TScope.Trojan.MSIL
Panda: Trj/GdSda.A
Rising: Stealer.Agent!1.DC63 (CLASSIC)
Yandex: TrojanSpy.RedLine!rkZxWf4SDXY
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/RedLine.A!tr
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Generic.Dacic.11C08DFC.A.65C3C939?

Generic.Dacic.11C08DFC.A.65C3C939 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
