What is "Generic.Mulinex.3871E3AD"?

The Generic.Mulinex.3871E3AD is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic.Mulinex.3871E3AD virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Loads a driver
Reads data out of its own binary image
Drops a binary and executes it
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
Uses Windows utilities for basic functionality
A process attempted to delay the analysis task by a long amount of time.
Attempts to repeatedly call a single API many times in order to delay analysis time
Installs itself for autorun at Windows startup
Creates a hidden or system file
Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz

hackerinvasion.f3322.net

a.tomx.xyz

How to determine Generic.Mulinex.3871E3AD?


File Info:
crc32: 6EE8B0DF
md5: 9e9a2117e2defd3b24d70abbcdb9f999
name: 9E9A2117E2DEFD3B24D70ABBCDB9F999.mlw
sha1: 2a5f8fef2a1af42403590310f1e99afb34692c6d
sha256: d3f58eec710f7833172a5044f0f11e6f32afd69bd4b4a3c63ae2a28c0412b249
sha512: e353716ceec1353f37c2aa67b62068d924d480305bb4b8e363e91793a508854c105f5d032cbbe089481131902dbc7a1e32a2a4c3a8d2941141ac2c3b65557936
ssdeep: 24576:F09tv9/7JtDElDEExIko2H2HESq2eWJ6MQjySjy+AR98UIMCp+m5k+7CN+ygm:F09XJt4HIN2H2tFvduySqiUI9++uNdg
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: RuntimeBroker
FileVersion: 8.9.8.9
CompanyName: RuntimeBroker
Comments: RuntimeBroker
ProductName: RuntimeBroker
ProductVersion: 8.9.8.9
FileDescription: x5e94x7528x7a0bx5e8f
Translation: 0x0804 0x04b0

Generic.Mulinex.3871E3AD also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 005246d51 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Rootkit.22030
ALYac	DeepScan:Generic.Mulinex.3871E3AD
Malwarebytes	Trojan.MalPack.FlyStudio
Zillya	Backdoor.Farfli.Win32.11605
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_60% (D)
K7GW	Adware ( 004b87ea1 )
Cybereason	malicious.7e2def
Cyren	W32/S-1885075c!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX	Malicious
Avast	Win32:BackdoorX-gen [Trj]
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	DeepScan:Generic.Mulinex.3871E3AD
MicroWorld-eScan	DeepScan:Generic.Mulinex.3871E3AD
Ad-Aware	DeepScan:Generic.Mulinex.3871E3AD
Sophos	Mal/Generic-S
Comodo	Worm.Win32.Dropper.RA@1qraug
BitDefenderTheta	Gen:NN.ZexaF.34170.Pr3@amZ2@Nmb
McAfee-GW-Edition	BehavesLike.Win32.Generic.tc
FireEye	Generic.mg.9e9a2117e2defd3b
Emsisoft	DeepScan:Generic.Mulinex.3871E3AD (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Heur:TrojanDropper.TDSS
Avira	TR/Dropper.Gen
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Win32.FlyStudio.a
Arcabit	DeepScan:Generic.Mulinex.3871E3AD
ZoneAlarm	HEUR:Backdoor.Win32.Farfli.gen
GData	Win32.Trojan.PSE.11B5R9D
AhnLab-V3	Downloader/Win.Zegost.C4637765
Acronis	suspicious
VBA32	BScope.Trojan.Downloader
MAX	malware (ai score=82)
Yandex	Trojan.GenAsa!+tqk2y1uw30
Ikarus	Backdoor.Win32.Shiz
Fortinet	W32/CoinMiner.65CA!tr
AVG	Win32:BackdoorX-gen [Trj]

How to remove Generic.Mulinex.3871E3AD?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Generic.Mulinex.3871E3AD”?