About “HackTool:Win32/Flystudio!mclg” infection

HackTool:Win32/Flystudio!mclg is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the HackTool:Win32/Flystudio!mclg virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify HackTool:Win32/Flystudio!mclg?


File Info:

name: DE739F3134BC80969BA1.mlw
path: /opt/CAPEv2/storage/binaries/0ed79637d56d2bc848b0c5150cb3e285aada3e1261009edac64305067cb7eebe
crc32: 07641C94
md5: de739f3134bc80969ba1e3d3fc158499
sha1: b5ba4e78e098f1d46bb23c62f04b90bf588103e6
sha256: 0ed79637d56d2bc848b0c5150cb3e285aada3e1261009edac64305067cb7eebe
sha512: 59bf0dc15a968c0d8f956eceb4d26751cd07936916b5d01513dcce232a420ad430e5a37f10dd05b01c644fe78d766e6377ab10553085186eae6c8a4a596f5af1
ssdeep: 12288:mbR5lgCaUvXPOgeAzQdfS3QIqUwisi9Fy:6AePOgeAzQdAqUwLi9Y
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F7D4114EE3A18B1ED43D4B71EA728CC074599D2F5CD21E7A79CBFA8E63771020B21625
sha3_384: 4c77034c890d14bfe9f49d6584cf866fe67ed4ac4e9789859f1ab61151d8f9201693b7db5a6667a145e7916ec67eade5
ep_bytes: 60be00a051008dbe0070eeff57eb0b90
timestamp: 2019-01-15 06:42:08

Version Info:

FileVersion: 1.1.0.0
FileDescription: 自定义按数量和像素切分图片。
ProductName: 长图切片器
ProductVersion: 1.1.0.0
CompanyName: 小人国历险记/zzfafa
LegalCopyright: zzfafa
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

HackTool:Win32/Flystudio!mclg also known as:

Lionic: Trojan.Multi.Generic.lLmM
Elastic: malicious (moderate confidence)
FireEye: Generic.mg.de739f3134bc8096
CAT-QuickHeal: Risktool.Flystudio.18829
McAfee: RDN/Generic.com
Cylance: Unsafe
Sangfor: Hacktool.Win32.Flystudio.mclg
Alibaba: TrojanPSW:Win32/Virbox.afd8e797
K7GW: Trojan ( 005246d51 )
K7AntiVirus: Trojan ( 005246d51 )
Cyren: W32/Trojan.CLL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Paloalto: generic.ml
NANO-Antivirus: Trojan.Win32.Wsgame.implpv
Avast: Win32:Malware-gen
Comodo: Packed.Win32.MUPX.Gen@24tbus
DrWeb: Trojan.PWS.Wsgame.54177
McAfee-GW-Edition: BehavesLike.Win32.Trojan.hc
Sophos: Generic PUA LF (PUA)
SentinelOne: Static AI – Malicious PE
GData: Win32.Application.PUPStudio.A
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
ViRobot: Adware.Agent.605184.G
Microsoft: HackTool:Win32/Flystudio!mclg
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.C4949023
BitDefenderTheta: Gen:NN.ZexaF.34606.KmKfaa1uwHhb
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Malware.AI.1059661534
TrendMicro-HouseCall: TROJ_GEN.R002H0CD422
Rising: Malware.Uwasson!8.11125 (CLOUD)
Ikarus: PUA.Virbox
MaxSecure: Dropper.Dinwod.frindll
Fortinet: Riskware/Application
AVG: Win32:Malware-gen
Cybereason: malicious.8e098f

How to remove HackTool:Win32/Flystudio!mclg?

HackTool:Win32/Flystudio!mclg removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
