About “Jaik.126201” infection

Jaik.126201 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Jaik.126201 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Performs HTTP requests potentially not found in PCAP.
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Saami
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Jaik.126201?


File Info:

name: B2AE6AACC5AAF636DE12.mlw
path: /opt/CAPEv2/storage/binaries/bb33f00a4cd959e5952c4246fdf3e924b9531cdf23589bf12076a8b683e185eb
crc32: 647522E1
md5: b2ae6aacc5aaf636de12767a4fd63fb7
sha1: f435bebc7ffde92ba508271d108bb786a37e6bf3
sha256: bb33f00a4cd959e5952c4246fdf3e924b9531cdf23589bf12076a8b683e185eb
sha512: aefd1689e598ae1623dcab746b39d2ac7f66f2c8ddc864e560428e5f6811b79b9dc9a1e9873788f48fc97a3bab94237ba0dc36b1fb21f9549305de834130e2d4
ssdeep: 3072:UTz8moTrH4eHbpdmN3rTHpJGhFCGl4tHNuPPZeREnIftcQ3:WomonDHbpMN3iTl4ttuPPkR6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12F149E2272E2B860E463DE319D29D6F42E6EF9534E7856AB2334EB1F0D701D3C562712
sha3_384: a0c13c0f223be9e6d3b032175f310e5968e96413181f545fe5cec7e8fc322dc7295e18a7c5ad409dbd8c08b94eac52f8
ep_bytes: e8b4530000e989feffff8bff558bec83
timestamp: 2022-01-07 05:50:15

Version Info:

CompanyName: PakistanFood
FileDescription: Morricone
FileVersion: 25.77.48.49
InternalName: GorgerousOnce.exe
LegalTrademarks1: consultated
ProductName: HypsterWorld
Translation: 0x4047 0x0565

Jaik.126201 also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
VIPRE: Gen:Variant.Jaik.126201
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: UDS:Trojan.Win32.Zenpak.gen
BitDefender: Gen:Variant.Jaik.126201
MicroWorld-eScan: Gen:Variant.Jaik.126201
Avast: Win32:CrypterX-gen [Trj]
Tencent: Trojan-Ransom.Win32.Stop.gen
Emsisoft: Gen:Variant.Jaik.126201 (B)
McAfee-GW-Edition: BehavesLike.Win32.Lockbit.ch
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.b2ae6aacc5aaf636
Sophos: Troj/Krypt-VE
Ikarus: Trojan.Win32.Crypt
GData: Gen:Variant.Jaik.126201
Webroot: W32.Trojan.Gen
Arcabit: Trojan.Jaik.D1ECF9
ZoneAlarm: UDS:Trojan.Win32.Zenpak.gen
Microsoft: Trojan:Win32/Azorult.FW!MTB
Google: Detected
ALYac: Gen:Variant.Jaik.126201
MAX: malware (ai score=82)
VBA32: BScope.Trojan.CoinMiner
Cylance: unsafe
Rising: Trojan.Generic@AI.100 (RDML:0d9ednOmTRRh4y2kmtjVQA)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:CrypterX-gen [Trj]
Cybereason: malicious.c7ffde

How to remove Jaik.126201?

Jaik.126201 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
