Generik.GSZQBMM (file analysis)

Generik.GSZQBMM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generik.GSZQBMM virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Deletes its original binary from disk
  • Creates a copy of itself

How to identify Generik.GSZQBMM?

File Info:

crc32: AF84A83C
md5: b0b1459796900e45278cc61513b4e2f5
name: vvvv.exe
sha1: c0e7c4861fea2d76aa20d54257cd04fba475f91f
sha256: 9f73922ea792028e6fb54088f3fe54658db312911c33840d91f76abed5da693d
sha512: f2e2c5f846e6896f2d76f4f532f5fd7dd99f5e740c3d96a624d1ec70b0d05261dee6c8f601158004fc27c94b2a106e46b9b63a1490dc99ff2cb855927e53afaf
ssdeep: 49152:CHoWnLQpd2/QiQzBi2mtzJZwrT+pTFvnjOWa:MoWn0r2YiQzSDtTFvCWa
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: DEK Software International Copyright © 2013. All rights reserved.
InternalName: Znes
FileVersion: 8.9.4.738
CompanyName: DEK Software International
FileDescription: Abracadabra Urlscan Orange Revise Wans Papers
Comments: Abracadabra Urlscan Orange Revise Wans Papers
ProductName: Znes
ProductVersion: 8.9.4.738
PrivateBuild: 8.9.4.738
Translation: 0x0409 0x04b0

Generik.GSZQBMM also known as (vendor: detection name):

MicroWorld-eScan: Trojan.GenericKD.33577783
FireEye: Generic.mg.b0b1459796900e45
Qihoo-360: Win32/Trojan.818
McAfee: Artemis!B0B145979690
BitDefender: Trojan.GenericKD.33577783
BitDefenderTheta: Gen:NN.ZexaF.34104.Uz0@aCDU6Uki
GData: Trojan.GenericKD.33577783
Kaspersky: Trojan.Win32.CMY3U.buf
Alibaba: Trojan:Win32/CMY3U.848c3e1a
AegisLab: Trojan.Win32.Generic.4!c
Rising: Trojan.Generic@ML.99 (RDML:Bo30lpkEEOl9j/x4M8scXA)
Ad-Aware: Trojan.GenericKD.33577783
DrWeb: Trojan.Inject3.36853
Invincea: heuristic
McAfee-GW-Edition: Artemis!Trojan
SentinelOne: DFI - Suspicious PE
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.GenericKD.33577783 (B)
APEX: Malicious
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D2005B37
ZoneAlarm: Trojan.Win32.CMY3U.buf
Microsoft: Trojan:Win32/Wacatac.C!ml
Acronis: suspicious
MAX: malware (ai score=86)
ESET-NOD32: a variant of Generik.GSZQBMM
Tencent: Win32.Trojan.Cmy3u.Pepd
Ikarus: Trojan-Ransom.GandCrab
Fortinet: W32/Generik.GSZQBMM!tr
AVG: FileRepMetagen [Malware]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Generik.GSZQBMM?

Generik.GSZQBMM removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.