Generik.EMFLRZA (file analysis)

The Generik.EMFLRZA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generik.EMFLRZA virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Generik.EMFLRZA?


File Info:
name: 80FEC97B0DDF612E8453.mlw
path: /opt/CAPEv2/storage/binaries/d07029cb478fd45542f193e3abc5d9aa1e797f2eaaa5406fc703bcfc21b070bb
crc32: 200B647D
md5: 80fec97b0ddf612e8453bf6de637c1ae
sha1: d84a878f6e179c6c8aa3cc74780ae95c8f2a5c7f
sha256: d07029cb478fd45542f193e3abc5d9aa1e797f2eaaa5406fc703bcfc21b070bb
sha512: b9700a569842897721184755bd0daf7b0a64a18bd52fc09c4b7cddc8296599605ce5487c42b67cce95d51ae948c0b62370db6e3305c09e70778656be508911d4
ssdeep: 768:182HV0L3IKFU8oV6vonMouwr+EuijFlPchWBwFJ5wz:7HV0LcV6R/+xjFrBwFJyz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T100D2D6539B1CB13ED45216B9A5A5A37209677C701B18F28FF2802E4B7CB86D2B93D347
sha3_384: 420c9ac3f1bf6648444c3aa1abe1f2895cafda59195f7f1cef87a937cda155e9fdee43757b65c97fd7e0e3692b1d3eb9
ep_bytes: 6a7068a02a0001e81d02000033db8d45
timestamp: 2008-07-02 12:38:31

Version Info:
Comments: Utility for setting a default MIDI device
CompanyName: Creative Technology Ltd
FileDescription: mididef
FileVersion: 2, 9, 0, 6
InternalName: mididef
LegalCopyright: Copyright© 2000-2005 Creative Technology Ltd
LegalTrademarks: 
OriginalFilename: mididef.exe
PrivateBuild: 
ProductName: Creative Audio Product
ProductVersion: 2, 9, 0, 6
SpecialBuild: 
Translation: 0x0409 0x04b0

Generik.EMFLRZA also known as:

Lionic	Trojan.Win32.Microt.4!c
MicroWorld-eScan	Gen:Variant.Cerbu.167553
FireEye	Gen:Variant.Cerbu.167553
McAfee	RDN/Generic.dx
Cylance	unsafe
Sangfor	Trojan.Win32.Microt.Vzyo
Alibaba	Trojan:Win32/Microt.19424a46
Cyren	W32/Microt.A.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Generik.EMFLRZA
Kaspersky	HEUR:Trojan.Win32.Microt.gen
BitDefender	Gen:Variant.Cerbu.167553
Avast	Win32:Evo-gen [Trj]
Tencent	Trojan.Win32.Microt.ka
TACHYON	Trojan/W32.Microt.29184
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Redcap.psxmq
DrWeb	Trojan.MulDrop21.59792
VIPRE	Gen:Variant.Cerbu.167553
TrendMicro	PAK_Xed-21
McAfee-GW-Edition	BehavesLike.Win32.Kudj.mm
Emsisoft	Gen:Variant.Cerbu.167553 (B)
GData	Win32.Trojan.PSE.19PF6GM
Avira	TR/Redcap.psxmq
Arcabit	Trojan.Cerbu.D28E81
ViRobot	Trojan.Win.Z.Cerbu.29184.R
ZoneAlarm	HEUR:Trojan.Win32.Microt.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Generic.R567795
ALYac	Gen:Variant.Cerbu.167553
MAX	malware (ai score=80)
Malwarebytes	Malware.Heuristic.1001
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	PAK_Xed-21
Rising	Trojan.Generic@AI.100 (RDML:SdM1hJ2tco69u+FyHzEjhg)
Fortinet	W32/Wacatac.B!tr
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Generik.EMFLRZA?

Generik.EMFLRZA removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X