What is “Generic.Malware.SFLB.C54EAFCF”?

The Generic.Malware.SFLB.C54EAFCF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.Malware.SFLB.C54EAFCF virus can do?

Authenticode signature is invalid
CAPE detected the XWorm malware family
Binary file triggered YARA rule

How to determine Generic.Malware.SFLB.C54EAFCF?


File Info:
name: 6A3FA38E2B8DE107C9A1.mlw
path: /opt/CAPEv2/storage/binaries/4c22a26306c5e683b1a22086bafffe92fc70ab731995a2f2726fecf9cffa3d44
crc32: 4C40F2BB
md5: 6a3fa38e2b8de107c9a1049120e333a4
sha1: b8e05de72c34a911b54d238c946fd651b561934d
sha256: 4c22a26306c5e683b1a22086bafffe92fc70ab731995a2f2726fecf9cffa3d44
sha512: 74868e6ce5b33d6403913163480aa837ffafca06a7acaf9bacdeeec839cb8bca7abdfd35d809e9a1d954baa26037d1cd5ac5a31a8518a5b498844f226b26fb1d
ssdeep: 1536:Ynpq0H65dtnIZVINxxLcfQv6cabcgy3uz4fFT1UmvghYOzBuR5:YnV6VmwnIbcgy+z4tT1UmvFOzBu7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14F739E2C7BDA4129E1FF6FF409F17217CA39F7235907964F24DA028A1A23A88CD516F5
sha3_384: 06a2b6e2577461f64ac8e6da85a12148481918b214eb1ff288bb8c7cb9b16034a9923ed7dcc00427cd7a97f56bbfd4f3
ep_bytes: ff250020400000000000000000000000
timestamp: 2024-04-20 18:49:49

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 1.0.0.0
InternalName: Chloe.exe
LegalCopyright:  
OriginalFilename: Chloe.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Generic.Malware.SFLB.C54EAFCF also known as:

Bkav	W32.AIDetectMalware.CS
AVG	Win32:RATX-gen [Trj]
Elastic	malicious (high confidence)
MicroWorld-eScan	DeepScan:Generic.Malware.SFLB.C54EAFCF
FireEye	Generic.mg.6a3fa38e2b8de107
CAT-QuickHeal	Worm.GenericFC.S32598663
Skyhigh	BehavesLike.Win32.Trojan.lm
McAfee	Trojan-FVYT!6A3FA38E2B8D
Cylance	unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Trojan ( 005aa5f01 )
K7AntiVirus	Trojan ( 005aa5f01 )
Arcabit	DeepScan:Generic.Malware.SFLB.C54EAFCF
BitDefenderTheta	Gen:NN.ZemsilF.36802.em0@a4Cwr@h
VirIT	Trojan.Win32.MSIL_Heur.B
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Agent.DWN
APEX	Malicious
Avast	Win32:RATX-gen [Trj]
ClamAV	Win.Packed.njRAT-10002074-1
Kaspersky	HEUR:Backdoor.MSIL.XWorm.gen
BitDefender	DeepScan:Generic.Malware.SFLB.C54EAFCF
Emsisoft	DeepScan:Generic.Malware.SFLB.C54EAFCF (B)
F-Secure	Trojan.TR/Spy.Gen
DrWeb	BackDoor.BladabindiNET.30
VIPRE	DeepScan:Generic.Malware.SFLB.C54EAFCF
Trapmine	malicious.high.ml.score
Sophos	Troj/RAT-FJ
Webroot	W32.Malware.gen
Avira	TR/Spy.Gen
MAX	malware (ai score=85)
Kingsoft	malware.kb.c.1000
Microsoft	Trojan:MSIL/AsyncRAT.R!MTB
ZoneAlarm	HEUR:Backdoor.MSIL.XWorm.gen
GData	MSIL.Backdoor.XWormRAT.A
Varist	W32/MSIL_Agent.BUD.gen!Eldorado
AhnLab-V3	Backdoor/Win.AsyncRat.C5360693
VBA32	Backdoor.MSIL.XWorm.gen
ALYac	DeepScan:Generic.Malware.SFLB.C54EAFCF
Malwarebytes	Backdoor.XWorm.Generic
Panda	Trj/GdSda.A
Rising	Trojan.AntiVM!1.CF63 (CLASSIC)
Ikarus	Trojan-Dropper.MSIL.Agent
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Conwise.RCE!tr
DeepInstinct	MALICIOUS
alibabacloud	Rat:Win/AsyncRAT.Stub

How to remove Generic.Malware.SFLB.C54EAFCF?

Generic.Malware.SFLB.C54EAFCF removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X