Generic.Malware.Lco.376153D3 removal

Generic.Malware.Lco.376153D3 is flagged as malicious by most security vendors (see the list of detection names further down). When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Malware.Lco.376153D3 virus do?

The following behaviours were recorded when the sample was run in an automated analysis sandbox:

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • A process attempted to delay the analysis task
  • Expresses interest in specific running processes
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Deletes its original binary from disk
  • Sniffs keystrokes
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz
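The two hostnames above are the only network indicators this page gives. As an added example (not code from the page or from GridinSoft), the following Python matches DNS query logs against them. It also watches the registered parent domains, which is an assumption of the example rather than something the page states, and the log format and sample lines are constructed for the demonstration:

```python
import re

# Hostnames listed under "Related domains" on this page.
RELATED_HOSTS = ("z.whorecord.xyz", "a.tomx.xyz")

# Assumption for this example: the registered domains above those hosts are
# worth watching too, since a loader can move to a sibling subdomain.
WATCH_PARENTS = ("whorecord.xyz", "tomx.xyz")


def normalize_host(name: str) -> str:
    """Lower-case and drop the trailing dot that DNS logs often keep."""
    return name.strip().rstrip(".").lower()


def match_ioc(query: str):
    """Return the IoC a queried name hits: an exact related host, or any label
    under a watched parent. Returns None otherwise. Suffix matching is done on
    label boundaries, so 'tomx.xyz.example.net' does not match."""
    q = normalize_host(query)
    for host in RELATED_HOSTS:
        if q == host:
            return host
    for parent in WATCH_PARENTS:
        if q == parent or q.endswith("." + parent):
            return parent
    return None


# Constructed log format for this example (not any product's real format):
#   <timestamp> client=<ip> query=<name> type=<rrtype>
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) query=(?P<query>\S+) type=(?P<rrtype>\S+)$"
)


def scan_dns_log(lines) -> list:
    """Return (timestamp, client, normalized query, ioc) for every line whose
    queried name hits an IoC; lines that do not parse are skipped."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if not m:
            continue
        ioc = match_ioc(m.group("query"))
        if ioc:
            hits.append((m.group("ts"), m.group("client"),
                         normalize_host(m.group("query")), ioc))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    "2021-03-01T10:00:01Z client=10.0.0.5 query=z.whorecord.xyz. type=A",
    "2021-03-01T10:00:02Z client=10.0.0.5 query=www.example.com type=A",
    "2021-03-01T10:00:03Z client=10.0.0.9 query=A.TOMX.XYZ type=A",
    "2021-03-01T10:00:04Z client=10.0.0.9 query=b.tomx.xyz type=A",
    "2021-03-01T10:00:05Z client=10.0.0.7 query=tomx.xyz.example.net type=A",
    "malformed line that should be skipped",
]

if __name__ == "__main__":
    for hit in scan_dns_log(SAMPLE_LOG):
        print(hit)
```

Running it prints three hits: the two listed hosts (one with a trailing dot, one in upper case) and the sibling subdomain caught by the parent-domain rule; the look-alike name ending in `.example.net` is correctly ignored.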

How to identify Generic.Malware.Lco.376153D3?

File Info:

crc32: 5BF4B9DF
md5: f9f3d123d499f753aac3f547b3933758
name: F9F3D123D499F753AAC3F547B3933758.mlw
sha1: 7b7224ae6120f0757b0ebf1206d5f9ccb2564f4d
sha256: e3b518430c6e3541507df623ebf6fdc11469a6dd27dddcf137dac62ed4d03f3f
sha512: f4b92075add41b7ca30ddce788e63982a6ca0cd6beb0f84f7a73f692c2aea89e8944ca46b20e486b6520b4d90c282e6b7cdfff6ef40f419afe4c71027a41b3c0
ssdeep: 3072:qzA8M9+6FXCUe4v3HYImugK1zsC57mTSDW/87mLBnkv/Q15c2+EBkPWTL9JzY:qzA7M6FXCZsInugK+CkTSsc/e2WTzs
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
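The hashes above are the file indicators to check a suspicious binary against, and the type line says the sample is UPX-packed. As an added example (not code from the page or from GridinSoft), the following Python computes the same five digests, compares them with the values listed above, and walks the PE section table by hand to look for the UPX0/UPX1 section names that UPX leaves behind. The minimal PE image built by `build_fake_pe` is constructed for the demonstration only; it is not the malware sample.

```python
import hashlib
import struct
import zlib

# IoC digests copied from the File Info section above (lower-case hex).
IOC_HASHES = {
    "crc32": "5bf4b9df",
    "md5": "f9f3d123d499f753aac3f547b3933758",
    "sha1": "7b7224ae6120f0757b0ebf1206d5f9ccb2564f4d",
    "sha256": "e3b518430c6e3541507df623ebf6fdc11469a6dd27dddcf137dac62ed4d03f3f",
    "sha512": "f4b92075add41b7ca30ddce788e63982a6ca0cd6beb0f84f7a73f692c2aea89e"
              "8944ca46b20e486b6520b4d90c282e6b7cdfff6ef40f419afe4c71027a41b3c0",
}


def digest_bytes(data: bytes) -> dict:
    """Compute the same five digests the page lists, as lower-case hex."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08x}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matching_iocs(data: bytes) -> list:
    """Names of the digests that equal the page's IoC values (empty = no match)."""
    computed = digest_bytes(data)
    return [name for name, value in IOC_HASHES.items() if computed[name] == value]


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return the section names. Raises ValueError for anything that is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                        # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]    # SizeOfOptionalHeader
    table = coff + 20 + size_opt                               # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40:table + i * 40 + 8]          # Name[8] of each 40-byte entry
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """UPX rewrites the section table to UPX0/UPX1 (plus an optional .rsrc).
    The names are a cheap hint, not proof: a packer can rename them."""
    try:
        return any(n.startswith("UPX") for n in pe_section_names(data))
    except ValueError:
        return False


def triage(data: bytes) -> dict:
    """One-shot summary for a candidate file."""
    return {
        "ioc_matches": matching_iocs(data),
        "upx_hint": looks_upx_packed(data),
        "digests": digest_bytes(data),
    }


def build_fake_pe(section_names) -> bytes:
    """Constructed minimal PE image for demonstration only: DOS stub, PE
    signature, i386 COFF header and a section table with the given names.
    It is not the malware sample and is not runnable."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    table = b"".join(n.encode()[:8].ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + table


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    print(triage(blob))
```

Run it with a path to the file you want to check; without an argument it triages the constructed image, which reports no IoC match and a positive UPX hint. A hash match is conclusive for this exact sample; the UPX hint only says the file is worth unpacking and looking at further.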

Version Info:

LegalCopyright: 版权所有 (All rights reserved) (C) 2020
InternalName: loader
FileVersion: 1, 0, 0, 1
CompanyName: yida
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: yida loader
SpecialBuild:
ProductVersion: 1, 0, 0, 1
FileDescription: loader
OriginalFilename: loader.dat
Translation: 0x0804 0x04b0 (language ID 0x0804 = Chinese (Simplified, PRC); code page 0x04b0 = 1200, Unicode)

Generic.Malware.Lco.376153D3 is also known by the following names (vendor: detection name). The vendors that assign a family name agree on Farfli (Kaspersky, ZoneAlarm, Microsoft, Fortinet, Tencent, Jiangmin, NANO-Antivirus, VBA32), a Gh0st RAT-derived backdoor family, which ClamAV's Gh0stRAT dropper name also reflects; the keystroke sniffing, autorun and dropper behaviours listed above fit that family.

Bkav: W32.AIDetect.malware2
K7AntiVirus: Riskware ( 0040eff71 )
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader35.10669
Cynet: Malicious (score: 100)
ALYac: DeepScan:Generic.Malware.Lco.376153D3
Cylance: Unsafe
Zillya: Trojan.OnLineGames.Win32.243608
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (W)
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.3d499f
Cyren: W32/Injector.AMA.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.CJVZ
APEX: Malicious
Avast: Win32:FileinfectorX-gen [Trj]
ClamAV: Win.Dropper.Gh0stRAT-9792320-0
Kaspersky: HEUR:Backdoor.Win32.Farfli.gen
BitDefender: DeepScan:Generic.Malware.Lco.376153D3
NANO-Antivirus: Trojan.Win32.Farfli.ibdmwi
MicroWorld-eScan: DeepScan:Generic.Malware.Lco.376153D3
Tencent: Win32.Backdoor.Farfli.Ehhr
Ad-Aware: DeepScan:Generic.Malware.Lco.376153D3
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZexaF.34170.lmLfa8N00znj
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
FireEye: Generic.mg.f9f3d123d499f753
Emsisoft: DeepScan:Generic.Malware.Lco.376153D3 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor.Farfli.edo
Avira: HEUR/AGEN.1101568
eGambit: Unsafe.AI_Score_70%
Antiy-AVL: Trojan/Generic.ASMalwS.30FC592
Microsoft: Trojan:Win32/Farfli.DSK!MTB
ZoneAlarm: HEUR:Backdoor.Win32.Farfli.gen
GData: DeepScan:Generic.Malware.Lco.376153D3
AhnLab-V3: Malware/Win32.Generic.C4222468
McAfee: GenericRXAA-AA!F9F3D123D499
MAX: malware (ai score=85)
VBA32: BScope.Backdoor.Farfli
Malwarebytes: Malware.AI.420868432
Rising: Trojan.Kryptik!1.D32C (CLASSIC)
Yandex: Trojan.GenAsa!GPybLLVgmp4
Ikarus: Trojan.Win32.Injector
Fortinet: W32/Farfli.BNZS!tr
AVG: Win32:FileinfectorX-gen [Trj]
Paloalto: generic.ml

How to remove Generic.Malware.Lco.376153D3?

Generic.Malware.Lco.376153D3 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Because the sample installs itself for autorun, drops and runs a second binary, and sniffs keystrokes, quarantining the original file alone does not finish the job: after the restart, run a second scan to confirm that no autorun entry or dropped copy survived, and change any passwords that were typed on the machine while it was infected, using a clean device to do so.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
