Generic.Malware.SPPk!2g.7005F605 (file analysis)

The Generic.Malware.SPPk!2g.7005F605 detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Malware.SPPk!2g.7005F605 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Arabic
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

Related domains:

myhost.com

How to identify Generic.Malware.SPPk!2g.7005F605?

File Info:

crc32: 9A813EDE
md5: 325a856472d273646f904071bf5d8603
name: 325A856472D273646F904071BF5D8603.mlw
sha1: 984057c070c976d8922c63833d1e4e63c6cd7ced
sha256: 22f74b6a884597fddd08beb3a51437b18b0c55eee98dfad70265896ca962e0e7
sha512: d6c2685e519d60b39c13c56318a2d6178bd37706beb7faa7ee9f72e72b792e5174b4aebeb7d17dfe501cbc1687d2ed4b35f74ae47037f182aa3345645a62e89c
ssdeep: 6144:hhBhkx6m6yfxIaf0hqRdexsQGb7Lu7tiJ0QBj3jVQ4LATJwPrLxvvqrGiJLSdzh:hnCJu7sZjVQ4LwqPLbN
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: vbstub
FileVersion: 1.00
CompanyName: Microsoft
ProductName: Driver
ProductVersion: 1.00
OriginalFilename: vbstub.exe

Generic.Malware.SPPk!2g.7005F605 also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 004d4ea81 )
Lionic: Trojan.Win32.Reconyc.tnGO
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader18.15227
Cynet: Malicious (score: 100)
ALYac: DeepScan:Generic.Malware.SPPk!2g.7005F605
Cylance: Unsafe
Zillya: Trojan.Reconyc.Win32.16809
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Reconyc.f134f32a
K7GW: Trojan ( 004d4ea81 )
Cybereason: malicious.472d27
Cyren: W32/VB_Troj.U.gen!Eldorado
Symantec: SMG.Heur!gen
ESET-NOD32: a variant of Win32/VB.OFA
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Malware.Sppktkg-9842320-0
Kaspersky: Trojan.Win32.Reconyc.ezmb
BitDefender: DeepScan:Generic.Malware.SPPk!2g.7005F605
NANO-Antivirus: Trojan.Win32.Reconyc.eagglw
ViRobot: Trojan.Win32.Z.Reconyc.598016
MicroWorld-eScan: DeepScan:Generic.Malware.SPPk!2g.7005F605
Tencent: Malware.Win32.Gencirc.10cc9e2b
Ad-Aware: DeepScan:Generic.Malware.SPPk!2g.7005F605
Sophos: ML/PE-A + Troj/VB-KLC
Comodo: TrojWare.Win32.VB.NMV@4yuc48
BitDefenderTheta: Gen:NN.ZevbaF.34236.Km0@aeY!!GHO
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: RDN/Generic.hbg
FireEye: Generic.mg.325a856472d27364
Emsisoft: DeepScan:Generic.Malware.SPPk!2g.7005F605 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Reconyc.cfn
Avira: TR/Agent.2050
eGambit: Unsafe.AI_Score_100%
Antiy-AVL: Trojan/Generic.ASMalwS.1A1C992
Microsoft: VirTool:Win32/VBInject.gen!CI
GData: Win32.Application.CoinMiner.AD
AhnLab-V3: Trojan/Win32.Reconyc.R184246
McAfee: GenericATG-FCHR!325A856472D2
MAX: malware (ai score=100)
VBA32: Malware-Cryptor.VB.gen.1
Malwarebytes: Trojan.Agent.VB
Rising: Backdoor.SkyWyder!1.CA21 (CLASSIC)
Yandex: Trojan.GenAsa!RgPuDskJLh0
Ikarus: Trojan.Win32.Agent
Fortinet: W32/Injector.S!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Generic.Malware.SPPk!2g.7005F605?

Generic.Malware.SPPk!2g.7005F605 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.