What is “HackTool.Iehv.SD4”?

HackTool.Iehv.SD4 is a detection name that several antivirus vendors apply to the file described below. The file identifies itself as NirSoft's IEHistoryView (original filename iehv.exe; see the version info below), and vendors classify it variously as a hacktool, a risk tool, a potentially unwanted application (PUA) or generic malware. When it is running, you may notice an unfamiliar process in Task Manager. If you did not install this utility deliberately, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can HackTool.Iehv.SD4 do?

The following are the static and behavioural signatures the CAPE sandbox raised on the sample (the storage path below shows it was analysed in CAPEv2):

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Unconventional language used in binary resources: Hebrew
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Steals private information from local Internet browsers (reads browser data; for a file whose version info describes it as a browser history viewer this is its advertised function, so this signature alone does not prove theft)

How to identify HackTool.Iehv.SD4?

File Info:

name: F33EF81A92E84D5BA83D.mlw
path: /opt/CAPEv2/storage/binaries/c55ffac67ff93cf7902fe16e8c9fe99bbb9fcce367a07641b3aee3d8138df8b4
crc32: 66A9C7FA
md5: f33ef81a92e84d5ba83d69a0dab2f2fb
sha1: 163ff4e2f4645dd5e1f6c73809c6f7434855bcb2
sha256: c55ffac67ff93cf7902fe16e8c9fe99bbb9fcce367a07641b3aee3d8138df8b4
sha512: 0e9e02014c778e70cfa4874acbff58c320e41ffffe285b9f896879fae64c01f988c3a41bc41e710973a0160e3d2b71eefd33d65f727ad3fd0225d6dc8d5e35ab
ssdeep: 768:7ubLj/ur3kdABSJpYkI1+RjBHUZWG4F9UIV2SyYA:7AekdABcfjBHCje9UBS5A
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12813D043D3D95812DDBD42725AB3EF3A2B29BD047B2247262205362FFDB17A4CC921E5
sha3_384: 83c6eff93bdea147682069389fd32566d7f1329e978df14f024ab2caea5d7d12ce6abcaa4017b6dc469da9fcf5c76003
ep_bytes: 60be00f040008dbe0020ffff57eb0b90
timestamp: 2011-12-13 15:04:48

Version Info:

CompanyName: NirSoft
FileDescription: IEHistoryView
FileVersion: 1.70
InternalName: IEHistoryView
LegalCopyright: Copyright © 2003 - 2011 Nir Sofer
OriginalFilename: iehv.exe
ProductName: IEHistoryView
ProductVersion: 1.70
Translation: 0x0409 0x04b0
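To check whether a file on disk is this sample, a practitioner would compare its hashes with the File Info values above and look at the packer hints the sandbox reported (UPX, unusual section names). The script below is an added example, not code from the page or from GridinSoft or NirSoft: it compares a file's md5, sha1, sha256 and crc32 against the values listed above, maps the PE entry-point RVA to a file offset to read the entry bytes, and flags the stock UPX entry stub (the page's ep_bytes decode to pushad; mov esi,imm32; lea edi,[esi-...]; push edi; jmp, which is the standard UPX unpacker prologue). Because the real sample is not on the page, `build_sample_pe` constructs a minimal PE32 with one section named UPX1 and the listed entry bytes so the checks can be exercised offline; that constructed file naturally does not match the hashes.

```python
import hashlib
import struct
import zlib

# Indicators copied from the page's File Info block (sha512 omitted only because
# it is checked exactly like the others).
IOC = {
    "md5": "f33ef81a92e84d5ba83d69a0dab2f2fb",
    "sha1": "163ff4e2f4645dd5e1f6c73809c6f7434855bcb2",
    "sha256": "c55ffac67ff93cf7902fe16e8c9fe99bbb9fcce367a07641b3aee3d8138df8b4",
    "crc32": "66A9C7FA",
    "ep_bytes": "60be00f040008dbe0020ffff57eb0b90",
}


def hash_bytes(data: bytes) -> dict:
    """Same hash set the File Info block lists (crc32 as upper-case hex, as on the page)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
    }


def _pe_headers(data: bytes):
    """Locate the optional header and the section table of a PE32 image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    nsec = struct.unpack_from("<H", data, coff + 2)[0]        # NumberOfSections
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]   # SizeOfOptionalHeader
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:       # PE32 magic
        raise ValueError("only PE32 handled here (the page's sample is PE32)")
    return opt, opt + opt_size, nsec


def section_names(data: bytes) -> list:
    """Section names; UPX usually writes UPX0/UPX1, but packers can rename sections."""
    _, sec, nsec = _pe_headers(data)
    return [data[sec + 40 * i:sec + 40 * i + 8].rstrip(b"\0").decode("latin-1")
            for i in range(nsec)]


def pe_entry_bytes(data: bytes, n: int = 16) -> bytes:
    """Translate AddressOfEntryPoint (an RVA) to a file offset and return n bytes there."""
    opt, sec, nsec = _pe_headers(data)
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]
    for i in range(nsec):
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sec + 40 * i + 8)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (ep_rva - vaddr)
            return data[off:off + n]
    raise ValueError("entry point RVA not inside any section")


def triage(data: bytes) -> dict:
    """Compare a file with the page's IOCs and report packer hints from the PE header."""
    hashes = hash_bytes(data)
    report = {"hash_match": [k for k in hashes if hashes[k] == IOC[k]]}
    try:
        ep = pe_entry_bytes(data)
        report["ep_match"] = ep.hex() == IOC["ep_bytes"]
        # Stock UPX stub starts with pushad (0x60) followed by mov esi, imm32 (0xBE).
        report["upx_stub"] = ep[:2] == b"\x60\xbe"
        names = section_names(data)
        report["sections"] = names
        report["upx_sections"] = any(nm.startswith("UPX") for nm in names)
    except (ValueError, struct.error) as exc:
        report["pe_error"] = str(exc)
    return report


def build_sample_pe(entry_stub: bytes) -> bytes:
    """Constructed minimal PE32 (one section, UPX1) for offline demonstration; not the real sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                            # e_lfanew: PE header at 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)  # i386, 1 section, 224-byte opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1010)                          # AddressOfEntryPoint = UPX1 + 0x10
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)       # ImageBase, SectionAlign, FileAlign
    sec = struct.pack("<8sIIIIIIHHI", b"UPX1", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    header = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sec).ljust(0x200, b"\0")
    body = bytearray(0x200)
    body[0x10:0x10 + len(entry_stub)] = entry_stub
    return header + bytes(body)


if __name__ == "__main__":
    import sys
    blob = (open(sys.argv[1], "rb").read() if len(sys.argv) > 1
            else build_sample_pe(bytes.fromhex(IOC["ep_bytes"])))
    print(triage(blob))
```

Run it with a path to a suspect file to get a hash comparison plus the packer hints; with no argument it runs on the constructed sample. A hash match identifies this exact file; the UPX stub and section-name checks only say the file is packed the same way, which many legitimate NirSoft builds and many unrelated samples are, so treat them as triage hints rather than verdicts.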

HackTool.Iehv.SD4 also known as:

CAT-QuickHeal: HackTool.Iehv.SD4
Sophos: NirSoft (PUA)
APEX: Malicious
Jiangmin: RiskTool.IEHistoryView.cb
Antiy-AVL: Trojan/Win32.TSGeneric
Gridinsoft: Ransom.Win32.Wacatac.oa!s2
Malwarebytes: Malware.AI.633145950
MaxSecure: Trojan.Malware.300983.susgen

How to remove HackTool.Iehv.SD4?

HackTool.Iehv.SD4 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the relevant browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.