Categories: Malware

What is “Generic.Zegost.3.9D505418”?

The Generic.Zegost.3.9D505418 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic.Zegost.3.9D505418 virus can do?

At least one process apparently crashed during execution
SetUnhandledExceptionFilter detected (possible anti-debug)
Yara rule detections observed from a process memory dump/dropped files/CAPE
Dynamic (imported) function loading detected
Enumerates the modules from a process (may be used to locate base addresses in process injection)
Enumerates running processes
Expresses interest in specific running processes
Reads data out of its own binary image
A process created a hidden window
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid
A scripting utility was executed
Uses Windows utilities for basic functionality
Deletes its original binary from disk
Installs itself for autorun at Windows startup
Installs itself for autorun at Windows startup

How to determine Generic.Zegost.3.9D505418?


File Info:
name: 57F1EA24CBEEAFA82FAD.mlwpath: /opt/CAPEv2/storage/binaries/61ce0ce9a8485af79238d156522e530ffff0be95644b5143f107edbbdd190274crc32: A86C9558md5: 57f1ea24cbeeafa82fad8b5d5c3064ebsha1: ed53d882a34f08a765bb950e51dad258a3a97b9esha256: 61ce0ce9a8485af79238d156522e530ffff0be95644b5143f107edbbdd190274sha512: 08c161d845e55154ebf07e1d639697d29fc923458655d56a47b5a0eb111fda68245d33de48bfde9151f1a87ff82eac47722f2fd300e3f8d036e0b26c95b19199ssdeep: 768:9pGu8GqI3b0JNNtTixrogE3JEJ0QW2r2gWi1MEjkClDOqAHHM:neIAxtMMjEJzW2r27uMekLqHtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T106631A02B7599096D42E10F22D17BB677E9AFD70029F1837ABC07A19D5787642E20E3Fsha3_384: 7469e0eee39a7a1b9355204a797bbb7a95732f8b1030f8638aacc00350f2b9f8b0942bc84959c8e399c30382dbe01ed2ep_bytes: 558bec6aff6888b0400068e095400064timestamp: 2015-07-03 13:52:15
Version Info:
0: [No Data]

Generic.Zegost.3.9D505418 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Farfli.m!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Generic.Zegost.3.9D505418
CAT-QuickHeal	Trojan.Mauvaise.SL1
McAfee	Trojan-INV
Cylance	Unsafe
Zillya	Backdoor.Farfli.Win32.2513
K7AntiVirus	Trojan ( 004bf3aa1 )
Alibaba	Backdoor:Win32/Farfli.b7bac1d6
K7GW	Trojan ( 004bf3aa1 )
Cybereason	malicious.4cbeea
Cyren	W32/Farfli.Z.gen!Eldorado
Symantec	SMG.Heur!gen
ESET-NOD32	a variant of Win32/Agent.QKW
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Trojan.Agent-1317541
Kaspersky	Backdoor.Win32.Farfli.xog
BitDefender	Generic.Zegost.3.9D505418
NANO-Antivirus	Trojan.Win32.Farfli.dtkdgl
Avast	Win32:Dropper-ODE [Drp]
Tencent	Trojan.Win32.BitCoinMiner.la
Ad-Aware	Generic.Zegost.3.9D505418
Emsisoft	Generic.Zegost.3.9D505418 (B)
Comodo	Backdoor.Win32.Beaugrit.C@6l4u2b
DrWeb	Trojan.DownLoader15.1788
TrendMicro	BKDR_BEAUGRIT.SM
McAfee-GW-Edition	BehavesLike.Win32.Dropper.km
FireEye	Generic.mg.57f1ea24cbeeafa8
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	Win32.Trojan.ServStart.C
Jiangmin	Backdoor.Farfli.ka
Avira	TR/Beaugrit.aba
Antiy-AVL	Trojan/Generic.ASMalwS.11C2C17
Arcabit	Generic.Zegost.3.9D505418
ViRobot	Trojan.Win32.Z.Farfli.69632.EB
Microsoft	Trojan:Win32/Malex.gen!E
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Zegost.R155096
VBA32	BScope.Backdoor.Farfli
ALYac	Generic.Zegost.3.9D505418
MAX	malware (ai score=80)
Malwarebytes	Trojan.Agent.QQ
TrendMicro-HouseCall	BKDR_BEAUGRIT.SM
Rising	Backdoor.Fusing!1.BCB6 (CLASSIC)
Ikarus	Win32.Outbreak
Fortinet	W32/Farfli.BIS!tr
BitDefenderTheta	Gen:NN.ZexaF.34294.eyW@aqVbLYdj
AVG	Win32:Dropper-ODE [Drp]
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_90% (W)