About “Generic.DataStealer.1.84EC81B2” infection

The Generic.DataStealer.1.84EC81B2 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.DataStealer.1.84EC81B2 virus can do?

Authenticode signature is invalid
CAPE detected the Caliber malware family
Binary compilation timestomping detected

How to determine Generic.DataStealer.1.84EC81B2?


File Info:
name: 037726F7E9D1FC591DC6.mlw
path: /opt/CAPEv2/storage/binaries/5fb4d4f2a4e0da7dcebbdafcd95da2749a0b0787d62f984508b9a645bcc47367
crc32: 6C93BCF4
md5: 037726f7e9d1fc591dc681bee2c610ed
sha1: 58811126b5c8b40ffa4ea7925c1e5f292a4eb773
sha256: 5fb4d4f2a4e0da7dcebbdafcd95da2749a0b0787d62f984508b9a645bcc47367
sha512: 4c5b12c150a1e5187368feb35e1db16a243c35176178a5f07237d030156dabd080c894ddbadf8e40ac6848041f5953b3d505c7f243468e6ed0aef108f48d497c
ssdeep: 6144:+f+BLtABPDM5pPTgxWGomsXSb6WtafTy8lI1D0dD9:B57hmsXS6Yx1DG9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19E544C0027EC8B56E2FF47B9E4B01261C3B1B466B83EDB4E6C4461DE2923790D955BB3
sha3_384: baf2d62eb2693021eb365b1fbbb2425fb05ac9930e317827aa729fbbf158eaf9cefbfbc585e93eff85e301fe86059a26
ep_bytes: ff250020400000000000101112000807
timestamp: 2041-10-20 19:21:48

Version Info:
Translation: 0x0000 0x04b0
Comments: 44 CALIBER
CompanyName: 44 CALIBER
FileDescription: 44 CALIBER
FileVersion: 1.6.2.0
InternalName: Insidious.exe
LegalCopyright: FuckTheSystem Copyright ©  2021
LegalTrademarks: 
OriginalFilename: Insidious.exe
ProductName: 44 CALIBER
ProductVersion: 1.6.2.0
Assembly Version: 1.6.2.0

Generic.DataStealer.1.84EC81B2 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Stealer.12!c
MicroWorld-eScan	Generic.DataStealer.1.84EC81B2
ClamAV	Win.Packed.Datastealer-9856291-0
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
Skyhigh	BehavesLike.Win32.Generic.dm
McAfee	A310Logger!037726F7E9D1
Malwarebytes	CoinStealer.Spyware.Stealer.DDS
Zillya	Trojan.CoinStealer.Win32.3964
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Password-Stealer ( 005282e41 )
Alibaba	TrojanPSW:MSIL/Stealgen.e5aec554
K7GW	Password-Stealer ( 005282e41 )
Cybereason	malicious.6b5c8b
Arcabit	Generic.DataStealer.1.84EC81B2
VirIT	Trojan.Win32.GenusT.DNNN
Symantec	Infostealer.Calibous
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/PSW.CoinStealer.CC
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-PSW.MSIL.Stealer.gen
BitDefender	Generic.DataStealer.1.84EC81B2
NANO-Antivirus	Trojan.Win32.Stealer.kezvmk
SUPERAntiSpyware	Trojan.Agent/Gen-Stealer
Avast	Win32:MalwareX-gen [Trj]
Tencent	Trojan-Spy.Win32.Stealer.16000599
Sophos	Troj/Steal-CJF
F-Secure	Heuristic.HEUR/AGEN.1307083
DrWeb	Trojan.PWS.StealerNET.76
VIPRE	Generic.DataStealer.1.84EC81B2
TrendMicro	TROJ_GEN.R002C0DL823
Emsisoft	Trojan-PSW.Agent (A)
Ikarus	Trojan.MSIL.PSW
Google	Detected
Avira	HEUR/AGEN.1307083
Microsoft	PWS:MSIL/Stealgen.GA!MTB
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Stealer.gen
GData	MSIL.Trojan-Stealer.CaliberStealer.B
Varist	W32/CoinMiner.FA.gen!Eldorado
AhnLab-V3	Infostealer/Win.CALIBER.R513735
BitDefenderTheta	Gen:NN.ZemsilF.36680.rm0@a8nHcXd
MAX	malware (ai score=83)
VBA32	Trojan.MSIL.InfoStealer.gen.D
Cylance	unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DL823
Rising	Stealer.Agent!1.D483 (CLASSIC)
Yandex	Trojan.PWS.CoinStealer!Zqjmg69YMyo
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.RXP!tr.pws
AVG	Win32:MalwareX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Generic.DataStealer.1.84EC81B2?

Generic.DataStealer.1.84EC81B2 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X