
Heur.Mint.Porcupine.truaa8Gjd6gjg removal tips


Heur.Mint.Porcupine.truaa8Gjd6gjg is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Heur.Mint.Porcupine.truaa8Gjd6gjg virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • At least one process apparently crashed during execution
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Loads a driver
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • A process attempted to delay the analysis task by a long amount of time.
  • Installs itself for autorun at Windows startup

How to identify Heur.Mint.Porcupine.truaa8Gjd6gjg?

File Info:

name: 3E9E1F68E5D373AA128A.mlw
path: /opt/CAPEv2/storage/binaries/d9fe77652a1b714a8bc761493211604e9d9f3b03f2b46951d64eddcb3a0241d3
crc32: 5ABD4CDE
md5: 3e9e1f68e5d373aa128a72ea169863e4
sha1: 72734ab23b7ce6d6e005684cbf33e03a57669e01
sha256: d9fe77652a1b714a8bc761493211604e9d9f3b03f2b46951d64eddcb3a0241d3
sha512: 6e4db674924348b35ba5604089f1809f289afa0cd763ad6fe93cde430879c7186617111abb1ea9db81e8e41d78c727187680a2a998ffae05bc12ad89fe36cff5
ssdeep: 24576:BvvSYujnkzx8/rtM4hrKIKrcjVgLWYrsI4DsCI29iX:BXTbx8pMqWIKruQW6sEC94
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E655BF52B592C0F2C74615300DA6A736FBBADE450B198FC3B3A4FE5C6D32191D63623A
sha3_384: 284e62dec7d41966b8957d0d77fc36449dcebd99b013a0a059284f4116862f49b433ec9bfb05365c8a4e0f534f77df5a
ep_bytes: 558bec6aff68a88e520068d4c8460064
timestamp: 2021-12-01 12:35:46

Version Info:

FileVersion: 1.0.0.0
FileDescription: 易语言程序
ProductName: 易语言程序
ProductVersion: 1.0.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Heur.Mint.Porcupine.truaa8Gjd6gjg also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Heur.Mint.Porcupine.truaa8Gjd6gjg
CAT-QuickHeal: Risktool.Flystudio.16882
McAfee: GenericRXAG-GP!3E9E1F68E5D3
Cylance: Unsafe
K7AntiVirus: Trojan ( 005246d51 )
Cyren: W32/Agent.EW.gen!Eldorado
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Avast: Win32:BackdoorX-gen [Trj]
ClamAV: Win.Trojan.Mikey-9862566-0
BitDefender: Gen:Heur.Mint.Porcupine.truaa8Gjd6gjg
Ad-Aware: Gen:Heur.Mint.Porcupine.truaa8Gjd6gjg
Emsisoft: Gen:Heur.Mint.Porcupine.truaa8Gjd6gjg (B)
DrWeb: Trojan.DownLoader33.34006
McAfee-GW-Edition: BehavesLike.Win32.Generic.th
Sophos: Mal/Generic-S
Avira: HEUR/AGEN.1136922
Arcabit: Trojan.Mint.Porcupine.truaa8Gjd6gjg
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34062.tr0@a8Gjd6gj
MAX: malware (ai score=80)
VBA32: Win32.Trojan.Dropper.Heur
Rising: Malware.Heuristic!ET#98% (RDMK:cmRtazpK5yhyS6hWXrGs+4teuYSL)
Yandex: Trojan.GenAsa!NMtW00H1RO4
Ikarus: Trojan.Win32.Injector
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/CoinMiner.65CA!tr
AVG: Win32:BackdoorX-gen [Trj]
Panda: Trj/Genetic.gen
MaxSecure: Dropper.Dinwod.frindll

How to remove Heur.Mint.Porcupine.truaa8Gjd6gjg?

Heur.Mint.Porcupine.truaa8Gjd6gjg removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
