How to remove “Generik.FYEKGSM”?

Malware Removal

Generik.FYEKGSM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Generik.FYEKGSM virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the CryptBot malware family
  • Anomalous binary characteristics

How to identify Generik.FYEKGSM?

File Info:

name: 3588C4BF5DC5FFA659A3.mlw
path: /opt/CAPEv2/storage/binaries/efba7e9d1e8bfeb0f8ecfa85c85d4c3a6012b784dee73e9f7d3259e854c9f581
crc32: D9C0FB08
md5: 3588c4bf5dc5ffa659a3ebf10f2277e3
sha1: 2d3ad06527ebd33493c45c987dc9b65b2f9bdc75
sha256: efba7e9d1e8bfeb0f8ecfa85c85d4c3a6012b784dee73e9f7d3259e854c9f581
sha512: d9cac3134f80ab0cc44f834857f3e758a74e1fabd5a4cd95204405398acab5babc21d2d1ecf5ae698dca28be2e9bde6b79776f63c7dc6fdd2c5e9f0c2ffe4762
ssdeep: 12288:ifNs3imO7DjuxG7P3imO7DjuxG753imO7DjuxG7joLeQ1R59yjdl8lXSEqX:ifNUim8juxG7/im8juxG7Rim8juxG7Mk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14EB49D697B16AC21D9A78631CD9704FD5A327C577D20CE7B62213C4E28B0D0FAB26327
sha3_384: 5cc4aede6cf0c9cb198ff8f3b08e16c37d27fa46458fad4aff9e69468d4e462115f6bbea5370520f91ae84e19a599db5
ep_bytes: b99d190000ff15404140008bd0680000
timestamp: 1970-01-01 00:00:00

Version Info (embedded in the binary; the sample's Authenticode signature is reported invalid above, so these fields do not establish its origin):

CompanyName: FRISK Software International
FileDescription: Graphical User Interface (F-PROT Antivirus)
FileVersion: 1.4.5.47
LegalCopyright: Copyright © 2000-2010 FRISK Software International
OriginalFilename: FPWin.exe
ProductName: F-PROT Antivirus for Windows
ProductVersion: 6.0
Website: http://www.f-prot.com
Translation: 0x0000 0x04b0

Generik.FYEKGSM is also detected under the following names (antivirus vendor: detection name):

Lionic: Trojan.Win32.Agentb.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38875829
FireEye: Generic.mg.3588c4bf5dc5ffa6
ALYac: Trojan.GenericKD.38875829
Cylance: Unsafe
Sangfor: Trojan.Win32.Agentb.krqu
K7AntiVirus: Trojan ( 0058d8f41 )
K7GW: Trojan ( 0058d8f41 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/Kryptik.GCW.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.FYEKGSM
APEX: Malicious
Kaspersky: Trojan.Win32.Agentb.krqu
BitDefender: Trojan.GenericKD.38875829
Avast: Win32:CrypterX-gen [Trj]
Rising: Trojan.Kryptik!8.8 (CLOUD)
Ad-Aware: Trojan.GenericKD.38875829
Sophos: Mal/Generic-S
Comodo: Malware@#1rwd6ieyo9z29
TrendMicro: TROJ_GEN.R002C0PAQ22
McAfee-GW-Edition: RDN/Generic PWS.y
Emsisoft: Trojan.GenericKD.38875829 (B)
Ikarus: Trojan-Spy.Win32.CoinStealer
GData: Trojan.GenericKD.38875829
Webroot: W32.Trojan.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.351D477
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D25132B5
Microsoft: Ransom:Win32/ContiCrypt.PL!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.CryptBot.R467830
Acronis: suspicious
McAfee: RDN/Generic PWS.y
MAX: malware (ai score=86)
VBA32: BScope.Trojan.Agentb
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TROJ_GEN.R002C0PAQ22
Yandex: Trojan.Agent!KbP+T99jsk0
SentinelOne: Static AI – Malicious PE
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.34232.Gq2@aK3pIhfi
AVG: Win32:CrypterX-gen [Trj]
Cybereason: malicious.527ebd
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.138965234.susgen

How to remove Generik.FYEKGSM?

Generik.FYEKGSM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.