Generic.Fochi.MSIL.Hacktool.6.D52B225A (file analysis)

Malware Removal

Generic.Fochi.MSIL.Hacktool.6.D52B225A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.Fochi.MSIL.Hacktool.6.D52B225A virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Generic.Fochi.MSIL.Hacktool.6.D52B225A?


File Info:

name: C045E7D7EF6A81C1834A.mlw
path: /opt/CAPEv2/storage/binaries/66e4acd46059b722bfe1b150965d68c6f90c0c3cac7ab059f233cc70ce734c54
crc32: 0FCA44A5
md5: c045e7d7ef6a81c1834a06d79ed87a58
sha1: 3b00041f439ea1f476b2b7e6da910c0a6d0e29a8
sha256: 66e4acd46059b722bfe1b150965d68c6f90c0c3cac7ab059f233cc70ce734c54
sha512: 17a6ec4de2ba06032a65ce7e426cc317628ec268fb1f34183a57f95c19023ce4134b78a8980680683300c536b0a16f9378995205ffdc8f2a9abaceb76ca64e0a
ssdeep: 384:E5yGi44uadbLBJDUTZg6StkJHkQf9Irha:4yGEjaTrzHki6ha
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T128524B4BA3D45223ECFF0B32BC7642400FB1D9069626CB2B1989C9576FE33588952BF1
sha3_384: 02cf1ae7f5932917f77610468465d537a4328e55de674c267dd57bfc1dd85e84fd81739524430dccd749ac1cf90e66bc
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-12-06 08:55:35

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: SKz
FileVersion: 1.0.0.1
InternalName: SKz.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: SKz.exe
ProductName: SKz
ProductVersion: 1.0.0.1
Assembly Version: 1.0.0.1

Generic.Fochi.MSIL.Hacktool.6.D52B225A also known as:

Vendor                 Detection
ALYac                  DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A
ESET-NOD32             a variant of MSIL/PSW.SafetyKatz.D
BitDefender            DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A
MicroWorld-eScan       DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A
Avast                  Win64:HacktoolX-gen [Trj]
Ad-Aware               DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A
TrendMicro             HackTool.MSIL.Mimikatz64.SM
McAfee-GW-Edition      PUP-XGW-FN
FireEye                DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A
Emsisoft               DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A (B)
Ikarus                 HackTool.Win32.Safetykatz
GData                  DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A
Arcabit                DeepScan:Generic.Fochi.MSIL.Hacktool.6.D52B225A
Microsoft              Trojan:Win32/Sabsik.FL.B!ml
McAfee                 PUP-XGW-FN
MAX                    malware (ai score=82)
TrendMicro-HouseCall   HackTool.MSIL.Mimikatz64.SM
SentinelOne            Static AI – Suspicious PE
AVG                    Win64:HacktoolX-gen [Trj]
MaxSecure              Trojan.Malware.300983.susgen

How to remove Generic.Fochi.MSIL.Hacktool.6.D52B225A?

Generic.Fochi.MSIL.Hacktool.6.D52B225A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
