Generic.Malware.SFM2g.C0CCC0BE information

Malware Removal

Generic.Malware.SFM2g.C0CCC0BE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Malware.SFM2g.C0CCC0BE virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities to create a scheduled task
  • CAPE detected the shellcode patterns malware family
  • Attempted to write directly to a physical drive
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Generic.Malware.SFM2g.C0CCC0BE?

File Info:

name: 019B4EB42813DADBF3CF.mlw
path: /opt/CAPEv2/storage/binaries/508316a856a524041df8b4425d15db40f22853eddcc67fcf9be1a4899ffc24ec
crc32: D26D1431
md5: 019b4eb42813dadbf3cf1c60ad4f7c8f
sha1: c96635fc765f7d7a8cae22cfdbdddc591e2eb209
sha256: 508316a856a524041df8b4425d15db40f22853eddcc67fcf9be1a4899ffc24ec
sha512: d40ffa1678699cc06a5a0662463ff85df77e5f65be84644b5175c185f70f521393d59b92d42c0bbcf679da3a2281281ced3ef4bedee5bd1470557f58edd6c9bb
ssdeep: 24576:bb2jztQhULO+yySYApr/izJfbTSm5bhFx1Q3TLw:e/tQhUS+yyvApr/cf6ghFLww
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10945D052BF79C0BAE84751B64C6BC9791076BCAA575001DB73C93A2FC4713C2AE3B609
sha3_384: fb229dc70d898c9f1b67e68d3d500fe2d146b84bc76549d1b41b5903fab42905eae5b1e9db52ce736950e09ee927ee03
ep_bytes: e869570000e917feffff558bec51538b
timestamp: 2016-05-06 07:29:45

Version Info:

CompanyName: 新浪网技术(中国)有限公司
FileDescription: 新浪SHOW
FileVersion: 3, 5, 223, 0
InternalName: 新浪SHOW3.5 安装程序
LegalCopyright: (C) 新浪网技术(中国)有限公司。保留所有权利。
ProductName: 新浪SHOW
ProductVersion: 3, 5, 223, 0
Translation: 0x0804 0x04b0

Generic.Malware.SFM2g.C0CCC0BE also known as:

Lionic: Trojan.Win32.DeepScan.4!c
MicroWorld-eScan: DeepScan:Generic.Malware.SFM2g.C0CCC0BE
FireEye: DeepScan:Generic.Malware.SFM2g.C0CCC0BE
Skyhigh: Artemis
McAfee: Artemis!019B4EB42813
VIPRE: DeepScan:Generic.Malware.SFM2g.C0CCC0BE
Paloalto: generic.ml
BitDefender: DeepScan:Generic.Malware.SFM2g.C0CCC0BE
Ikarus: Win32.SuspectCrc
Google: Detected
Arcabit: DeepScan:Generic.Malware.SFM2g.C0CCC0BE
GData: DeepScan:Generic.Malware.SFM2g.C0CCC0BE
ALYac: DeepScan:Generic.Malware.SFM2g.C0CCC0BE
VBA32: suspected of Trojan.Downloader.gen
TrendMicro-HouseCall: TROJ_GEN.R002H09DR24
MAX: malware (ai score=86)
MaxSecure: Trojan.Malware.222345177.susgen
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/SFM2g.C7ILE5CD

How to remove Generic.Malware.SFM2g.C0CCC0BE?

Generic.Malware.SFM2g.C0CCC0BE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.