Categories: Malware

Generic.Malware.LMV3!prn!g.1B890818 (file analysis)

The Generic.Malware.LMV3!prn!g.1B890818 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic.Malware.LMV3!prn!g.1B890818 virus can do?

Behavioural detection: Executable code extraction – unpacking
Sample contains Overlay data
Yara rule detections observed from a process memory dump/dropped files/CAPE
The binary contains an unknown PE section name indicative of packing
Executable file is packed/obfuscated with MPRESS
Authenticode signature is invalid

How to determine Generic.Malware.LMV3!prn!g.1B890818?


File Info:
name: 640AEB7041F37C137881.mlwpath: /opt/CAPEv2/storage/binaries/015c9080a38ae28738faff5d54a6b0d75dfe7ff985c293a22303d6f2512fe126crc32: F59CCB1Dmd5: 640aeb7041f37c1378819ecb853a56fdsha1: df4e422b867885a1bb306cfc43090fcf4918a64dsha256: 015c9080a38ae28738faff5d54a6b0d75dfe7ff985c293a22303d6f2512fe126sha512: 9edc263f97c9232830512e5f3f33c6f9642806bacd9435287f97095de7cf47d1b34c76c47b844814af0cf968a0093536397f7881e4665b23bc4f00c738785e17ssdeep: 6144:VY+32WWluqvHpVmXWEjFJRWci+WUd20rUU5EYCTvaBju4z2G0c:inWwvHpVmXpjJIUd2cUusvalxzB0ctype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T118A42A3AEB10B126FA578C7A742A4E1615283C3522119E4BB3926B4D38767C3F9F474Fsha3_384: a8a0536f1341dddf606f18ac736cca9c0ee966f7ed5370e1424d2b097346c3910e8741471a2ea7e9ce2166767e6f7c23ep_bytes: 680c4d4000e8eeffffff000000000000timestamp: 2007-01-12 10:04:58
Version Info:
Translation: 0x0409 0x04b0Comments: Microsoft CorporationCompanyName: File FolderProductName:  FileVersion: 1.00ProductVersion: 1.00InternalName: FILE FOLDEROriginalFilename: FILE FOLDER.exe

Generic.Malware.LMV3!prn!g.1B890818 also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader6.64360
MicroWorld-eScan	DeepScan:Generic.Malware.LMV3!prn!g.1B890818
FireEye	Generic.mg.640aeb7041f37c13
ALYac	DeepScan:Generic.Malware.LMV3!prn!g.1B890818
Malwarebytes	Virut.Virus.FileInfector.DDS
Zillya	Worm.VB.Win32.63917
Sangfor	Trojan.Win32.Save.ShadowBrokersC
K7AntiVirus	Trojan ( 0040f6141 )
K7GW	Trojan ( 0040f6141 )
Cybereason	malicious.041f37
BitDefenderTheta	AI:Packer.9720CF5F1D
Cyren	W32/Noon.K.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/NoonLight.Y
APEX	Malicious
ClamAV	Win.Worm.Moonlight-9775620-0
Kaspersky	Email-Worm.Win32.VB.co
BitDefender	DeepScan:Generic.Malware.LMV3!prn!g.1B890818
NANO-Antivirus	Trojan.Win32.VB.foifdq
Avast	Win32:Trojan-gen
Tencent	HF:Worm.Win32.Vb.wa
Ad-Aware	DeepScan:Generic.Malware.LMV3!prn!g.1B890818
Emsisoft	DeepScan:Generic.Malware.LMV3!prn!g.1B890818 (B)
Comodo	TrojWare.Win32.Regrun.Q@1gs3xh
Baidu	Win32.Worm.VB.a
VIPRE	DeepScan:Generic.Malware.LMV3!prn!g.1B890818
McAfee-GW-Edition	BehavesLike.Win32.PWSZbot.gt
Trapmine	malicious.high.ml.score
Sophos	ML/PE-A + W32/Bobandy-I
Ikarus	Trojan.Win32.Patched
GData	Win32.Trojan.PSE.1YWXWHL
Jiangmin	Worm/VB.a
Google	Detected
Avira	TR/Moonlight.DLL.yiila
MAX	malware (ai score=85)
Antiy-AVL	Trojan/Win32.Genome
Arcabit	DeepScan:Generic.Malware.LMV3!prn!g.1B890818
Microsoft	Worm:Win32/Lightmoon.H
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.VBKrypt.R526323
Acronis	suspicious
McAfee	W32/MoonLight.worm.b
TACHYON	Trojan/W32.VB-Agent.483350
VBA32	TScope.Trojan.VB
Zoner	Trojan.Win32.77489
Rising	Worm.VBInjectEx!1.99E6 (CLASSIC)
Yandex	Worm.NoonLight!yraM5LGj/Aw
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Moonlight.B!worm
AVG	Win32:Trojan-gen
Panda	W32/Moonlight.P.worm
CrowdStrike	win/malicious_confidence_100% (D)