About “Jaik.101719” infection

The Jaik.101719 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Jaik.101719 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid
Yara detections observed in process dumps, payloads or dropped files

How to determine Jaik.101719?


File Info:
name: 5E94CB155AB2EA53ADFA.mlw
path: /opt/CAPEv2/storage/binaries/5c567b7eb501e376505c68384e9c968e02c53c75ffc026339e6a979473d4ebf9
crc32: AD7E038C
md5: 5e94cb155ab2ea53adfae258e270085b
sha1: 6f1ba677b5d06c47d47982352ad22bfff823fa9a
sha256: 5c567b7eb501e376505c68384e9c968e02c53c75ffc026339e6a979473d4ebf9
sha512: 82ec07cdbec4eb987203b1e513cc16f023d7475cfe53a376b3adac99151645521b32c279f2c2f5c284987793163ecf9f267c59211a8aada82022f0590e087baa
ssdeep: 12288:AGElTcEhFfeCoN/CP2XjqaZfaVAibJz+Nv7pcbCbqMiu+W+Trexls:AGiTcE3fbo9Cyjffaopcuu1c6
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T12CB55215F36180F6F61C0CF2347532E0BED9427B5C292A87F5168969BF36C4A41B9EE2
sha3_384: ba1e6814c02cfa397268b0091fc58f519ff538c9dede022d5ad3d6b1ff852b7f20489cb627a3c07ab8459378c89ed6e2
ep_bytes: 558bec538b5d08568b750c578b7d1085
timestamp: 2022-06-22 01:59:14

Version Info:
FileVersion: 1.0.0.0
FileDescription: 易语言程序
ProductName: 易语言程序
ProductVersion: 1.0.0.0
CompanyName: 小陈
LegalCopyright: 小陈QQ644888144，泛滥一律不能用！
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Jaik.101719 also known as:

Bkav	W32.Common.FCB38DB7
Lionic	Trojan.Multi.Generic.lx0k
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Jaik.101719
ClamAV	Win.Packed.Zusy-10011965-0
FireEye	Generic.mg.5e94cb155ab2ea53
Skyhigh	BehavesLike.Win32.Generic.vh
ALYac	Gen:Variant.Jaik.101719
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Suspicious.Win32.Save.ins
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	Trojan.Jaik.D18D57
BitDefenderTheta	Gen:NN.ZedlaF.36744.nw8@a8AZJzhb
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Jaik.101719
Avast	Win32:TrojanX-gen [Trj]
Emsisoft	Gen:Variant.Jaik.101719 (B)
VIPRE	Gen:Variant.Jaik.101719
Sophos	Generic Reputation PUA (PUA)
SentinelOne	Static AI – Malicious PE
Google	Detected
Antiy-AVL	RiskWare/Win32.FlyStudio.a
Xcitium	TrojWare.Win32.Agent.OSCF@5rs7jr
Microsoft	Program:Win32/Wacapew.C!ml
ViRobot	Adware.Wacapew.2310144.A
GData	Win32.Application.PSE.1OV7PVV
Varist	W32/Trojan.GRW.gen!Eldorado
McAfee	Artemis!5E94CB155AB2
MAX	malware (ai score=81)
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09KU23
Rising	Trojan.Generic@AI.96 (RDML:jYFLfFKqmiG1k+ukJ2EHaA)
Ikarus	Trojan.Win32.Agent
MaxSecure	Dropper.Dinwod.frindll
Fortinet	Riskware/PackedFlyStudio
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Jaik.101719?

Jaik.101719 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X