Generic.Malware.WXi.233B4F15 (B) (file analysis)

The Generic.Malware.WXi.233B4F15 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.Malware.WXi.233B4F15 (B) virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Generic.Malware.WXi.233B4F15 (B)?


File Info:
name: FB7FF8E21D349D63CF9A.mlw
path: /opt/CAPEv2/storage/binaries/43a36c416bd0683995c368e59b919bfdd237476ad9f01cb998f047a2f0125b6b
crc32: 84D451A5
md5: fb7ff8e21d349d63cf9abdaf7b4b103d
sha1: db06b48c54228a2c8a35b61ed447e4c41c8f1b8d
sha256: 43a36c416bd0683995c368e59b919bfdd237476ad9f01cb998f047a2f0125b6b
sha512: c65e51160296ff30e9f4bf8ff9dbe0a72f5feb9a2967f2daa93e6d309b7328067f026f25e088740aaba68523172a7fc5d2a02408e423ac5484a3a7b23ddfaeb3
ssdeep: 12288:dmH2xTMtCR+agw2qceJrI+bomg6hjmR4BVH7L9tnE:dmHQTMtoNqqceJrI+bNgqzrPE
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1C4B47D8BF3A454F4D5ABC2B1CA569267FBF1748A2610974B13B08BD61F237B19E2D301
sha3_384: 98e771dc6bd97b0a1ede93ee031f58a873dea446001105b1f68e3f38f6c9ad8ba980cfe07692d358e5a704edf7f0f188
ep_bytes: 4c8bdc49895b0849897310574883ec70
timestamp: 2014-06-27 00:52:41

Version Info:
0: [No Data]

Generic.Malware.WXi.233B4F15 (B) also known as:

Lionic	Worm.Win32.AutoRun.leoV
MicroWorld-eScan	Generic.Malware.WXi.233B4F15
FireEye	Generic.Malware.WXi.233B4F15
ALYac	Generic.Malware.WXi.233B4F15
Alibaba	Exploit:Win32/ShellCode.9798dd91
Baidu	Win32.Worm.Agent.u
Symantec	W32.Blaster.Worm
ClamAV	Win.Exploit.DCOM-5
BitDefender	Generic.Malware.WXi.233B4F15
Avast	Win32:DCom-AA [Expl]
Ad-Aware	Generic.Malware.WXi.233B4F15
DrWeb	BackDoor.Swz.125
TrendMicro	TROJ_GEN.R002C0OKL21
McAfee-GW-Edition	RDN/Generic.dx
Emsisoft	Generic.Malware.WXi.233B4F15 (B)
Ikarus	Exploit.ShellCode
GData	Generic.Malware.WXi.233B4F15
Avira	EXP/ShellCode.I
MAX	malware (ai score=85)
Arcabit	Generic.Malware.WXi.233B4F15
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
McAfee	RDN/Generic.dx
TrendMicro-HouseCall	TROJ_GEN.R002C0OKL21
Rising	Virus.Futu!1.B2CB (CLASSIC)
Fortinet	W32/PossibleThreat
AVG	Win32:DCom-AA [Expl]
Cybereason	malicious.21d349
Panda	Trj/CI.A

How to remove Generic.Malware.WXi.233B4F15 (B)?

Generic.Malware.WXi.233B4F15 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X