
Should I remove “Generik.EHOPKCJ”?


Generik.EHOPKCJ is the ESET-NOD32 detection name for the trojan sample analysed here; most other engines flag the same file as malicious (see the detection names below). When this infection is active, you may notice unwanted processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can Generik.EHOPKCJ do?

The following behaviours were observed during dynamic (sandbox) analysis of the sample:

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Uses suspicious command line tools or Windows utilities
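Two of the flags above, "Creates RWX memory" and "The binary likely contains encrypted or compressed data", have static cousins you can check before detonating a file: a section header marked readable, writable and executable, and a section whose byte entropy sits near 8 bits per byte. The script below is an added example, not code from this report or from GridinSoft. It parses the PE section table with only the Python standard library and builds its own constructed sample to run on; the actual sample from the report is not embedded. Keep in mind that the runtime signature "Creates RWX memory" refers to memory allocated while the process runs (for example VirtualAlloc with PAGE_EXECUTE_READWRITE), which a static check cannot see; an RWX section on disk is a related but weaker indicator.

```python
import hashlib
import math
import struct

# Section-characteristic flags from the PE/COFF specification.
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
HIGH_ENTROPY = 7.0  # bits per byte; compressed or encrypted data sits close to 8.0


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    _machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", pe, coff)
    table = coff + 20 + opt_size  # section headers follow the optional header
    sections = []
    for i in range(nsections):
        (name, _vsize, _vaddr, raw_size, raw_ptr,
         _, _, _, _, flags) = struct.unpack_from("<8sIIIIIIHHI", pe, table + 40 * i)
        data = pe[raw_ptr:raw_ptr + raw_size]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "rwx": (flags & RWX) == RWX,
            "entropy": round(shannon_entropy(data), 2),
        })
    return sections


def triage(pe: bytes) -> list:
    """Human-readable findings for sections that are RWX or high-entropy."""
    findings = []
    for s in parse_sections(pe):
        if s["rwx"]:
            findings.append(f"section {s['name']}: readable+writable+executable")
        if s["entropy"] >= HIGH_ENTROPY:
            findings.append(f"section {s['name']}: entropy {s['entropy']} suggests packed or encrypted data")
    return findings


def build_sample_pe() -> bytes:
    """Constructed test input: a skeletal PE with a plain .text section and a
    high-entropy RWX section. It is not the report's sample and cannot execute."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x0102)   # i386, two sections
    optional = struct.pack("<H", 0x10B) + b"\0" * 0xDE                # PE32 magic, rest zeroed
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0,
                       IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | 0x20)
    packed = struct.pack("<8sIIIIIIHHI", b".packed", 0x1000, 0x2000, 0x1000, 0x400, 0, 0, 0, 0,
                         RWX | 0x20)
    header = dos + b"PE\0\0" + coff + optional + text + packed
    header += b"\0" * (0x200 - len(header))
    text_data = (b"\x55\x8b\xec\x5d\xc3" * 0x70)[:0x200]  # repetitive "code": low entropy
    blob, seed = b"", b"constructed"
    while len(blob) < 0x1000:                          # SHA-256 chain: pseudo-random bytes
        seed = hashlib.sha256(seed).digest()
        blob += seed
    return header + text_data + blob[:0x1000]


if __name__ == "__main__":
    import sys
    pe_bytes = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for line in triage(pe_bytes) or ["no static findings"]:
        print(line)
```

Run it with a file path to triage a real binary, or with no arguments to see the two findings for the constructed sample. A packed dropper will typically show one high-entropy section and a small stub; the threshold of 7.0 bits per byte is a convention, not a spec value, so tune it on your own corpus.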

Related domains:

needblank.xyz
needblank.website

How to identify Generik.EHOPKCJ?

The fingerprints below come from the analysed sample (file1.exe). The hashes identify this exact file; the version-info strings are set by whoever built the binary and can be arbitrary, so do not rely on them for attribution.

File Info:

crc32: B1F83845
md5: e35f85f4e4f3799e0b3093581f35055d
name: file1.exe
sha1: 5c2fa90cce326636d6f786165132672125bff4b5
sha256: 06f8b6edd458b4d02bb0bafd36ddb4592247f4b61a4940b4f8d47bd5fa357b0a
sha512: ae08196f5448b8578d526da87966731f77e121c2f9dd405989c01e1587f22da0c6340a7aee7130b4a21bd29c3b5f64a44e20a357f9a6faebcade01ff9b013607
ssdeep: 24576:BCktq1Lt+w4oho1YRVlSvG6r44fqg4A/CZmomWz71tm+eJZ9NXYD5nUpBnkny1h:BCkt9kl6rfqJXPmWnLjE9ZKUbkny1h
type: PE32 executable (GUI) Intel 80386, for MS Windows
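The hashes above and the related domains listed earlier are the indicators a responder actually works with. The following added example (not code from this page or from GridinSoft) hashes a file in one pass with the same algorithms the File Info block lists (md5, sha1, sha256, sha512 and crc32; ssdeep needs the separate ssdeep library and is left out) and matches DNS log lines against the related domains, counting subdomains but not look-alike names that merely contain them. The IOC values are copied from this page; the log lines are constructed for the example.

```python
import hashlib
import io
import re
import zlib

# Indicators copied from the report above (File Info and Related domains).
IOC_HASHES = {
    "crc32": "B1F83845",
    "md5": "e35f85f4e4f3799e0b3093581f35055d",
    "sha1": "5c2fa90cce326636d6f786165132672125bff4b5",
    "sha256": "06f8b6edd458b4d02bb0bafd36ddb4592247f4b61a4940b4f8d47bd5fa357b0a",
}
IOC_DOMAINS = {"needblank.xyz", "needblank.website"}


def hash_stream(fp, chunk_size: int = 1 << 16) -> dict:
    """One pass over a file object, computing every digest in the report's File Info."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512")}
    crc = 0
    while True:
        block = fp.read(chunk_size)
        if not block:
            break
        for h in hashers.values():
            h.update(block)
        crc = zlib.crc32(block, crc)
    digests = {name: h.hexdigest() for name, h in hashers.items()}
    digests["crc32"] = f"{crc & 0xFFFFFFFF:08x}"
    return digests


def hash_bytes(data: bytes) -> dict:
    """Convenience wrapper for in-memory data."""
    return hash_stream(io.BytesIO(data))


def match_hashes(digests: dict, iocs: dict = IOC_HASHES) -> list:
    """Names of the algorithms whose digest equals the IOC (case-insensitive)."""
    return sorted(name for name, ioc in iocs.items()
                  if digests.get(name, "").lower() == ioc.lower())


# Anything that looks like a dotted host name; IP addresses match too but are never in the IOC set.
DOMAIN_RE = re.compile(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)+\b", re.IGNORECASE)


def match_domains(log_lines, iocs=IOC_DOMAINS) -> list:
    """(line number, name) for every queried name that is an IOC or a subdomain of one.
    A plain substring test would also flag needblank.xyz.example.org; this does not."""
    hits = []
    for lineno, line in enumerate(log_lines, start=1):
        for name in DOMAIN_RE.findall(line):
            name = name.lower().rstrip(".")
            if name in iocs or any(name.endswith("." + ioc) for ioc in iocs):
                hits.append((lineno, name))
    return hits


# Constructed DNS-client log lines for the example; not real telemetry.
SAMPLE_DNS_LOG = [
    "2020-03-01 10:12:03 client 10.0.0.15 query A needblank.xyz",
    "2020-03-01 10:12:04 client 10.0.0.15 query A cdn.needblank.website",
    "2020-03-01 10:12:05 client 10.0.0.22 query A update.microsoft.com",
    "2020-03-01 10:12:06 client 10.0.0.15 query A needblank.xyz.example.org",
]


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fp:
            d = hash_stream(fp)
        print(path, "matches:", match_hashes(d) or "none", "sha256:", d["sha256"])
    for lineno, name in match_domains(SAMPLE_DNS_LOG):
        print(f"line {lineno}: {name}")
```

Pass one or more file paths to compare them against the report's hashes; the domain check runs over the embedded sample lines. An exact-hash match proves you have this very file, but a repacked build of the same dropper will have different hashes, which is why the sandbox behaviours and domains above matter as much as the digests.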

Version Info:

Assembly Version: 5.3.4.4
LegalCopyright: Copyright © Honest Co. All rights reserved.
InternalName: Returns
FileVersion: 5.3.4.4
CompanyName: Honest Co.
FileDescription: Shimmer Executable Districts Appropriation Psychology
LegalTrademarks: Copyright © Honest Co. All rights reserved.
Comments: Shimmer Executable Districts Appropriation Psychology
ProductName: Returns
Languages: English
ProductVersion: 5.3.4.4
PrivateBuild: 5.3.4.4
OriginalFilename: Returns
Translation: 0x0409 0x04b0

Generik.EHOPKCJ also known as:

Bkav: W32.AIDetectVM.malware
MicroWorld-eScan: Trojan.GenericKD.33560533
BitDefender: Trojan.GenericKD.33560533
Invincea: heuristic
BitDefenderTheta: Gen:NN.ZexaF.34100.kz0@a0breAdi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.EHOPKCJ
APEX: Malicious
GData: Trojan.GenericKD.33560533
Kaspersky: Trojan.Win32.Zenpak.xfs
AegisLab: Trojan.Multi.Generic.4!c
Ad-Aware: Trojan.GenericKD.33560533
Emsisoft: Trojan.GenericKD.33560533 (B)
F-Secure: Trojan.TR/AD.Khalesi.kpeli
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Ikarus: Win32.Outbreak
Avira: TR/AD.Khalesi.kpeli
Endgame: malicious (high confidence)
ZoneAlarm: Trojan.Win32.Zenpak.xfs
Microsoft: PUA:Win32/Presenoker
McAfee: Artemis!E35F85F4E4F3
SentinelOne: DFI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Generik.EHOPKCJ?

Generik.EHOPKCJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
