
Hematite.Virus.FileInfector.DDS information


Many security experts consider Hematite.Virus.FileInfector.DDS dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Hematite.Virus.FileInfector.DDS virus do?

  • At least one process apparently crashed during execution
  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Hematite.Virus.FileInfector.DDS?


File Info:

name: BB1410C4B9F644691CB6.mlw
path: /opt/CAPEv2/storage/binaries/c686e0676d278aa7dcfdb993f9e34895f4c49202db0e9b709bd07380542faff1
crc32: A6DF0D78
md5: bb1410c4b9f644691cb64af00998f7c6
sha1: 2844897089609cd63b19ab5b3583e819584cffae
sha256: c686e0676d278aa7dcfdb993f9e34895f4c49202db0e9b709bd07380542faff1
sha512: 30f73cdb02bf65bcc0435e240a0d733b7150a435f5621a0f6aaba942799b627133a9c702dca4bbe8db5b44876ca21483d58795525c6b8e2a5e62d1544e5048cb
ssdeep: 384:n4SO2WYzxYSiAsJ5iEsXkr880O1fjKO9RaoEHmUCWcMzWQKsOGwcpIL:2KNYDAXEDrR0O1rj2oumhMhKuI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12892C00345B8005AF8FF01351147823842B473A59399CBEB3EDD8ABE5FA5893AD18B77
sha3_384: 041162b8fa22fcaa670a81e9da8de677f0886b721b6be51fa79242e0b1d4b1e63fd671bb4fc56ce494e9dc12318ed044
ep_bytes: 60be005000018dbe00c0ffff5783cdff
timestamp: 2008-04-13 18:36:53

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Windows Font Viewer
FileVersion: 5.1.2600.5512 (xpsp.080413-2105)
InternalName: fontview
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: FONTVIEW.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 5.1.2600.5512
Translation: 0x0409 0x04b0

Hematite.Virus.FileInfector.DDS also known as:

ClamAV: Win.Virus.Hematite-6232506-0
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
BitDefender: Win32.Hematite.A
Cybereason: malicious.4b9f64
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
NANO-Antivirus: Virus.Win32.Infector.emtrum
MicroWorld-eScan: Win32.Hematite.A
Rising: Trojan.Wacatac!8.10C01 (TFE:dGZlOgS101RFH7NyKg)
Ad-Aware: Win32.Hematite.A
McAfee-GW-Edition: BehavesLike.Win32.Virut.lc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.bb1410c4b9f64469
Emsisoft: Win32.Hematite.A (B)
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=82)
Microsoft: Program:Win32/Wacapew.C!ml
Arcabit: Win32.Hematite.A
GData: Win32.Hematite.A
AhnLab-V3: Malware/Win32.Generic.C3063256
ALYac: Win32.Hematite.A
Malwarebytes: Hematite.Virus.FileInfector.DDS
Ikarus: Trojan.Agent
Fortinet: W32/Agent.NDW
BitDefenderTheta: AI:Packer.812B76F823
AVG: Win32:Patched-AWV [Trj]
Avast: Win32:Patched-AWV [Trj]
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Hematite.Virus.FileInfector.DDS?

Hematite.Virus.FileInfector.DDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
