
About “Jacard.226327” infection


Jacard.226327 is flagged as malicious by a large number of antivirus engines (see the detection list below). When the infection is active you may notice unfamiliar processes in the Task Manager process list. In that case it is advised to scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing malware manually can take hours and may damage the system in the process. We recommend GridinSoft Anti-Malware for removal; a full scan and cleanup are available during the trial period.
6-day free trial available.

What can Jacard.226327 do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Guard pages use detected – possible anti-debugging.
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Unconventional binary language: Latvian
  • Unconventional language used in binary resources: Latvian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Sniffs keystrokes
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering

How to identify Jacard.226327?


File Info:

name: 9A344BBAA50639FA37E0.mlw
path: /opt/CAPEv2/storage/binaries/a7239459077d51faf2b06e9d08be0218f4f58f08f74857f3b257e5358bf96a9c
crc32: B20FB693
md5: 9a344bbaa50639fa37e058ceff8c2394
sha1: 64d17326bfdd988654cfbdc60f926dd37d10d752
sha256: a7239459077d51faf2b06e9d08be0218f4f58f08f74857f3b257e5358bf96a9c
sha512: 10f2dc3d8d204c278c4322694a05911e7d40757aa5d0cd7ebb821df4c1f67c58860ad192feaa80a1cf85089736c4268f0d25067af2e728b28bcd974393eb81a6
ssdeep: 98304:glVaoWr/39MCLAOcZxXk7NJJQaeKtNC0j8:J7IFYJ1d9A
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E0F533A49341BD35F4A32F3F2225A4D632403E1979DD784C8C7DF09A99387D3A44FAA6
sha3_384: 8faf803d665d0c196a259ce1e9dda74cb42a9cb93e243f4450a92fc3feadd83519fea19fc73e513a842c3917d3c9e93a
ep_bytes: 60be005062008dbe00c0ddff5783cdff
timestamp: 2010-05-01 10:02:29

Version Info:

CompanyName: Indigo
FileDescription: MuOnline Launcher
FileVersion: 1.0.0.5
InternalName: MuOnline Launcher
LegalCopyright: Gunz
LegalTrademarks:
OriginalFilename:
ProductName:
ProductVersion: 1.0.0.0
Comments: www.cheats.lv
Translation: 0x0426 0x04e9
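The file info and version info above are the indicators a responder actually works with: the hashes identify this exact file, the entry-point bytes (60 BE .. 8D BE .. 57 83 CD FF) are the standard UPX 32-bit unpacking stub prologue that the "compressed using UPX" signature refers to, and the Translation field 0x0426 0x04e9 is LANGID 0x0426 (Latvian, sublanguage 1) with charset 0x04e9 (code page 1257, Windows Baltic), which is where the two "Latvian" signatures come from and which fits the www.cheats.lv comment. The following Python script is an added example, not code from this page or from GridinSoft or CAPE: it recomputes the digests in the report's format, compares them against the published IOCs, recognises the UPX stub pattern in entry-point bytes, and decodes a Translation pair. The language/charset tables are a small subset chosen for illustration, and the `sample` buffer in the demo is constructed here; it is not the real binary.

```python
"""Offline triage helpers for the indicators published in a CAPE-style report.
Added example; not part of the original page or of any vendor tooling."""
import hashlib
import zlib

# Indicators copied from the File Info block of the report.
JACARD_IOCS = {
    "md5": "9a344bbaa50639fa37e058ceff8c2394",
    "sha1": "64d17326bfdd988654cfbdc60f926dd37d10d752",
    "sha256": "a7239459077d51faf2b06e9d08be0218f4f58f08f74857f3b257e5358bf96a9c",
    "crc32": "B20FB693",
}
JACARD_EP_BYTES = bytes.fromhex("60be005062008dbe00c0ddff5783cdff")

# Illustrative subset of Windows primary LANGIDs and VS_VERSIONINFO charset IDs.
PRIMARY_LANG = {0x04: "Chinese", 0x07: "German", 0x09: "English",
                0x19: "Russian", 0x26: "Latvian"}
CHARSETS = {0x04B0: "Unicode (1200)", 0x04E3: "Windows-1251 (Cyrillic)",
            0x04E4: "Windows-1252 (Latin 1)", 0x04E9: "Windows-1257 (Baltic)"}


def file_digests(data: bytes) -> dict:
    """Digests in the report's formatting: lower-case hex hashes, upper-case crc32."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
    }


def matches_iocs(data: bytes, iocs: dict = JACARD_IOCS) -> list:
    """Names of the indicators that match. Trust sha256; md5/sha1/crc32 are
    collision-prone and are compared only because reports still publish them."""
    digests = file_digests(data)
    return sorted(k for k, v in iocs.items()
                  if digests.get(k, "").lower() == v.lower())


def looks_like_upx_stub(ep: bytes) -> bool:
    """Match the classic UPX 32-bit entry-point prologue by opcode only:
         60                  pushad
         BE imm32            mov  esi, <packed section>
         8D BE disp32        lea  edi, [esi + disp32]
         57                  push edi
         83 CD FF            or   ebp, -1
    The immediates differ per sample, so they are not compared."""
    return (len(ep) >= 16
            and ep[0] == 0x60 and ep[1] == 0xBE
            and ep[6:8] == b"\x8d\xbe"
            and ep[12] == 0x57
            and ep[13:16] == b"\x83\xcd\xff")


def decode_translation(field: str) -> dict:
    """Decode a VS_VERSIONINFO Translation pair such as '0x0426 0x04e9'.
    LANGID low 10 bits = primary language, high 6 bits = sublanguage."""
    lang_s, cs_s = field.split()
    langid, charset = int(lang_s, 16), int(cs_s, 16)
    primary = langid & 0x3FF
    return {
        "langid": langid,
        "primary_language": PRIMARY_LANG.get(primary, f"unknown(0x{primary:02x})"),
        "sublanguage": langid >> 10,
        "charset": CHARSETS.get(charset, f"unknown(0x{charset:04x})"),
    }


def triage(data: bytes, ep: bytes, translation: str) -> dict:
    """Combine the three checks into one record for a hunt or IR note."""
    return {
        "ioc_matches": matches_iocs(data),
        "upx_stub": looks_like_upx_stub(ep),
        "translation": decode_translation(translation),
    }


if __name__ == "__main__":
    # Constructed stand-in, not the real file: hashes will not match, but the
    # entry-point pattern and the version-info language will.
    sample = b"MZ" + b"\x00" * 62 + JACARD_EP_BYTES
    for key, value in triage(sample, JACARD_EP_BYTES, "0x0426 0x04e9").items():
        print(f"{key}: {value}")
```

Run it against a real file by reading the bytes and taking the entry-point bytes and Translation string from your own PE parser; a sha256 match is conclusive for this exact sample, while the UPX stub and Latvian version info alone only say the file shares packer and build locale with it.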

Jacard.226327 also known as:

Bkav: W32.AIDetect.malware2
DrWeb: Trojan.NtRootKit.17903
MicroWorld-eScan: Gen:Variant.Jacard.226327
FireEye: Generic.mg.9a344bbaa50639fa
ALYac: Gen:Variant.Jacard.226327
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Riskware.Win32.Agent.ky
Alibaba: TrojanDownloader:Win32/MalwareScope.642c6bfb
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R002C0OIG21
Paloalto: generic.ml
ClamAV: Win.Trojan.Pher-180
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Variant.Jacard.226327
NANO-Antivirus: Trojan.Win32.NtRootKit.fhrchi
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Jacard.226327
Comodo: Malware@#1zbe32xi1oyo2
Zillya: Downloader.Pher.Win32.22834
TrendMicro: TROJ_GEN.R002C0OIG21
McAfee-GW-Edition: BehavesLike.Win32.Dropper.wc
Emsisoft: Gen:Variant.Jacard.226327 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Jacard.226327
Jiangmin: TrojanDownloader.Pher.vw
Avira: TR/Crypt.XPACK.Gen3
MAX: malware (ai score=96)
Antiy-AVL: Trojan/Generic.ASMalwS.2B0BE26
Arcabit: Trojan.Jacard.D37417
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: GenericRXAA-AA!9A344BBAA506
VBA32: MalwareScope.Trojan-PSW.Game.16
APEX: Malicious
Yandex: Trojan.GenAsa!oCRFO5WR8mk
MaxSecure: Trojan.Malware.1728101.susgen
AVG: Win32:Malware-gen
Panda: Trj/CI.A

How to remove Jacard.226327?

Jacard.226327 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
