
Generik.DXHUEAJ removal guide


Generik.DXHUEAJ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generik.DXHUEAJ virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Writes a potential ransom message to disk

How to identify Generik.DXHUEAJ?

File Info:

name: C151376A7C54AE99F017.mlw
path: /opt/CAPEv2/storage/binaries/4602a0ef0c650155d5bfd0c3bad9f4ad058a1ed45b0a22c7ba95361e52cef1aa
crc32: 94753223
md5: c151376a7c54ae99f01721845e4ff397
sha1: 9b74880ee4dddc018dffb711b70ce33c0c5c3654
sha256: 4602a0ef0c650155d5bfd0c3bad9f4ad058a1ed45b0a22c7ba95361e52cef1aa
sha512: 21f42ac043fc4a7bb46d5f4db2698a7709f7255667a14566c8b38e1c679c31e2bd8bfc78e224ae923537cc086a6d42c99266ca8ce977910dee80e1cc3db24d29
ssdeep: 196608:Yl1UfNb1UcozO5o0oUSrj9zS/lh5A2H+9Iw52vOmP/4pxS:Y0fNhnozL0M4hG2oIm2vfPw/S
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11E863305FD848AD6CB82ABBF2D724C00DF419ED2F518787A53602F87E9F66481B12779
sha3_384: bac5a57365ef5fa0be2acb4cee5fa7205fea432cc93755325534a74a0f1b85ade319c6b42cf65ee32d2a90c1f5160368
ep_bytes: 558bec81ecf40300005356576a205f33
timestamp: 2021-09-25 21:57:46

Version Info:

CompanyName: Manage Engine Ltd
FileDescription: IIS Application Health Monitor
FileVersion: 10.8.7.36
InternalName: iis health
LegalCopyright: Copyright 2021 Manage Engine Ltd
ProductName: IIS Application Health Monitor Premium
Translation: 0x0409 0x04e4

Generik.DXHUEAJ also known as:

Lionic: Trojan.Win32.Razy.4!c
DrWeb: Trojan.Inject4.20902
MicroWorld-eScan: Trojan.GenericKD.47568639
ALYac: Trojan.GenericKD.47568639
Cylance: Unsafe
Sangfor: Backdoor.Win32.DarkVNC.pu
Alibaba: Backdoor:Win32/DarkVNC.54ba9f4a
K7GW: Trojan ( 0058b0b61 )
K7AntiVirus: Trojan ( 0058b0b61 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.DXHUEAJ
TrendMicro-HouseCall: TROJ_GEN.R011H0CKU21
Kaspersky: Backdoor.Win32.DarkVNC.pu
BitDefender: Trojan.GenericKD.47568639
Tencent: Win32.Backdoor.Darkvnc.Svqn
Ad-Aware: Trojan.GenericKD.47568639
Sophos: Mal/Generic-S
McAfee-GW-Edition: BehavesLike.Win32.Autorun.wc
Emsisoft: Trojan.GenericKD.47568639 (B)
GData: Win32.Trojan-Spy.Ursnif.F3UGXU
Avira: BDS/Redcap.eddcb
MAX: malware (ai score=80)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Wacatac.B!ml
VBA32: Win32.Malware.Dropper.Heur
APEX: Malicious
Panda: Trj/CI.A

How to remove Generik.DXHUEAJ?

Generik.DXHUEAJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
