Jacard.220813 (file analysis)

The Jacard.220813 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Jacard.220813 virus can do?

• Creates RWX memory
• Unconventionial binary language: Chinese (Simplified)
• The binary likely contains encrypted or compressed data.
• Network activity detected but not expressed in API logs

How to determine Jacard.220813?

File Info:
crc32: B43A5C98
md5: 50e1c08f1b0de39ee8c28f51fbba43be
name: 50E1C08F1B0DE39EE8C28F51FBBA43BE.mlw
sha1: 5a9eda895acc124da8c15947d637c35fa1cd7222
sha256: fdd4fe67a58bf8fdfc80e043dd834e500d8cbbc6218cfa8fa9b885484249c662
sha512: 4f2934cc6953e87b7249ecf9e001547ca80c91eda92428962289e7aadf31dddfbf39cda9da14aae5d4465ce9a19b6d5655d44f0cda539625025fbb6f00826964
ssdeep: 24576:M2jqr6ZjUymM33oMMG+jFUrB1YoMGzZEUZFaloVAZ1RDUbn429AAs4csz4O:erkgGajQnNOyAlI9A/4Bz4
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
FileVersion: 1.5.3.0
CompanyName: x4e09x5c11
ProductName: StockSync
ProgramID: com.embarcadero.StockSync
ProductVersion: 1.0.0
FileDescription: StockSync
Translation: 0x0804 0x03a8

Jacard.220813 also known as:

How to remove Jacard.220813?

• Download and install GridinSoft Anti-Malware.
• Open GridinSoft Anti-Malware and perform a “Standard scan“.
• “Move to quarantine” all items.
• Open “Tools” tab – Press “Reset Browser Settings“.
• Select proper browser and options – Click “Reset”.
• Restart your computer.