Generik.IEELZHR malicious file

Generik.IEELZHR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Generik.IEELZHR virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Generik.IEELZHR?

File Info:

name: 55F8C5DCBCD27EFBB599.mlw
path: /opt/CAPEv2/storage/binaries/5e4ecfd00d3cc99de422e00977993eac3e574af6f894c50177c1a4169a61cc41
crc32: 4D2AF7E9
md5: 55f8c5dcbcd27efbb599a3f54d87f1d7
sha1: 0a104d3d86935a8584d69031f227fa527f37a8d5
sha256: 5e4ecfd00d3cc99de422e00977993eac3e574af6f894c50177c1a4169a61cc41
sha512: b6885894bc0b02d29d263e15fa8247ea94afdfaa99a612f1e8b054566595f9c6191434d20de2a9d800eb00b7da64876df77d1dcf16ee366255206c2557223386
ssdeep: 98304:Q4gu3lW+hb1oFj6seR8NrYwyJJfdWVsueOaakcMxkSOF9Y4KuK5MO6DC7Lgwv7sB:liaCdva8NFGWVhSkSOF6H6ag47szMgJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1045633968E89BC7DDCB6C730181E84F1BE1A5A271978B5823164CB722F5AF7A4047F13
sha3_384: 143e2331b54be4bce03ff06825c22ba7fcf2dc6d28b6c3aa82e4aacbfd3c0bae91e566e508b6a6cdeaef5ae49454ac96
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Sobolsoft
FileDescription: Excel Add Hyperlinks Software Setup
FileVersion:
LegalCopyright:
ProductName: Excel Add Hyperlinks Software
ProductVersion:
Translation: 0x0000 0x04b0

Generik.IEELZHR is also known as (vendor: detection name):

Lionic: Trojan.Win32.Hesv.4!c
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.tc
McAfee: Artemis!55F8C5DCBCD2
Malwarebytes: Generic.Malware/Suspicious
Zillya: Trojan.Hesv.Win32.7346
Sangfor: Trojan.Win32.Hesv.Vztu
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Generik.IEELZHR
Kaspersky: Trojan.Win32.Hesv.ctms
Rising: Trojan.Hesv!8.EDB6 (CLOUD)
F-Secure: Trojan.TR/Hesv.vgfvi
Sophos: Mal/Generic-S (PUA)
Avira: TR/Hesv.vgfvi
ZoneAlarm: Trojan.Win32.Hesv.ctms
Microsoft: Program:Win32/Wacapew.C!ml
Cynet: Malicious (score: 99)
VBA32: Trojan.Hesv
TACHYON: Trojan/W32.VB-Hesv.819200.F
DeepInstinct: MALICIOUS
Cylance: unsafe
Tencent: Win32.Trojan.Hesv.Jajl
Ikarus: Trojan.Hesv
MaxSecure: Trojan.Malware.1728101.susgen
Fortinet: W32/Hesv.CTMS!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Generik.IEELZHR?

Generik.IEELZHR removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.