Generic.Dacic.94CCEEA9.A.E9BA948B (file analysis)

Malware Removal

Generic.Dacic.94CCEEA9.A.E9BA948B is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.Dacic.94CCEEA9.A.E9BA948B virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Generic.Dacic.94CCEEA9.A.E9BA948B?


File Info:

name: 29D5090537AA1494929B.mlw
path: /opt/CAPEv2/storage/binaries/a0fd5ddc912ffce58670521b7ab3552aa154198d331f47b88dfc676689025702
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-01-12 12:27:37

Version Info:

Translation: 0x0804 0x04b0
CompanyName: aaaa
ProductName: 之awaii-Unicorn
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Kawaii-Unicorn
OriginalFilename: Kawaii-Unicorn.exe

Generic.Dacic.94CCEEA9.A.E9BA948B also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Dacic.94CCEEA9.A.E9BA948B
FireEye: Generic.mg.29d5090537aa1494
CAT-QuickHeal: Trojan.MuldVMF.S21469993
ALYac: Generic.Dacic.94CCEEA9.A.E9BA948B
VIPRE: Generic.Dacic.94CCEEA9.A.E9BA948B
Sangfor: Suspicious.Win32.Save.vb
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: P2PWorm ( 0054601e1 )
K7AntiVirus: P2PWorm ( 0054601e1 )
VirIT: Trojan.Win32.Banker1.BRRU
Cyren: W32/VB_Troj.J.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/VBClone.D
APEX: Malicious
ClamAV: Win.Packed.Generic-9967832-0
Kaspersky: Trojan.Win32.VB.dosb
BitDefender: Generic.Dacic.94CCEEA9.A.E9BA948B
NANO-Antivirus: Trojan.Win32.VB.fmvxlx
Ad-Aware: Generic.Dacic.94CCEEA9.A.E9BA948B
Sophos: ML/PE-A + Troj/VB-KCP
Comodo: TrojWare.Win32.VBClone.B@88ji29
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.MulDrop17.61497
McAfee-GW-Edition: GenericRXHC-SS!29D5090537AA
Emsisoft: Generic.Dacic.94CCEEA9.A.E9BA948B (B)
Jiangmin: Trojan.VB.aqyg
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Win32.VBClone
Arcabit: Generic.Dacic.94CCEEA9.A.E9BA948B
ZoneAlarm: Trojan.Win32.VB.dosb
GData: Win32.Trojan.PSE.11O2TWC
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Agent.R252862
McAfee: GenericRXHC-SS!29D5090537AA
MAX: malware (ai score=80)
VBA32: SScope.Trojan.VB
Malwarebytes: Malware.AI.3914415153
Tencent: Trojan.Win32.Wacatac.yaw
Yandex: Trojan.GenAsa!szPELjCFIKg
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.74100232.susgen
Fortinet: W32/VBClone.D!tr
BitDefenderTheta: AI:Packer.3C63DE941F
Cybereason: malicious.537aa1
Panda: Trj/CI.A

How to remove Generic.Dacic.94CCEEA9.A.E9BA948B?

Generic.Dacic.94CCEEA9.A.E9BA948B removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
