
Jaik.156939 malicious file


Jaik.156939 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Jaik.156939 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Jaik.156939?

File Info:

name: 411196FE31120F3E7BDB.mlw
path: /opt/CAPEv2/storage/binaries/27b7a13ddf4e6652aa98805f23a759e7a30b2d4d944291fb42ecb494177fb689
crc32: 92275BA9
md5: 411196fe31120f3e7bdbdae9a1788aba
sha1: d391f380110729f310d782c81cd0ab511c5e1221
sha256: 27b7a13ddf4e6652aa98805f23a759e7a30b2d4d944291fb42ecb494177fb689
sha512: 4d0859584468caf1baa8e6f6b1634171cbde956e44312c12c4a40df38876b27832052bfbd2ff0a5b1e418a365a3eb47e085a4ca1faba652da4d2058371c70def
ssdeep: 1536:ICgtDOCyNpvwwIYiG+pE9MMdYVPoeDjHeAv4I34zX0ZYuueUmS3rh+jDE:ICgtDaNW169MgYVPbDjpIzCY3uE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19093E01353464619E4536BB228D5E62DE7340E326D35CFC7C3A4AF6A32B0AD73D2C961
sha3_384: a276ac9c8dc6c17ef5f60da19bd60cf3cbf6894c9ef478476250dfb3d25f8d89ee22b57168ac317c8ee7f759f67544c2
ep_bytes: 68b4a870e0e8635b000068b4a877a5e8
timestamp: 2013-02-26 02:41:48

Version Info:

Comments:
CompanyName:
FileDescription: DNFPlugin
FileVersion: 1, 0, 0, 1
InternalName: DNFPlugin
LegalCopyright: 版权所有 (C) 2013
LegalTrademarks:
OriginalFilename: DNFPlugin.EXE
PrivateBuild:
ProductName: DNFPlugin 应用程序
ProductVersion: 1, 0, 0, 1
SpecialBuild:
Translation: 0x0804 0x04b0

Jaik.156939 also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Jaik.156939
FireEye: Generic.mg.411196fe31120f3e
CAT-QuickHeal: Trojan.Agent
Skyhigh: BehavesLike.Win32.Autorun.mc
ALYac: Gen:Variant.Jaik.156939
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
BitDefenderTheta: Gen:NN.ZexaF.36680.fC0@a0xAjcmb
Symantec: ML.Attribute.HighConfidence
Cynet: Malicious (score: 100)
APEX: Malicious
BitDefender: Gen:Variant.Jaik.156939
Avast: Win32:Evo-gen [Trj]
Emsisoft: Gen:Variant.Jaik.156939 (B)
VIPRE: Gen:Variant.Jaik.156939
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
Varist: W32/ABRisk.CXIL-2497
Antiy-AVL: Trojan/Win32.Wacatac
Kingsoft: malware.kb.b.857
Microsoft: Trojan:Win32/Wacatac.B!ml
Xcitium: TrojWare.Win32.Trojan.XPACK.Gen@2ho5ur
Arcabit: Trojan.Jaik.D2650B
ViRobot: Trojan.Win.Z.Jaik.91136
GData: Gen:Variant.Jaik.156939
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R624006
McAfee: Artemis!411196FE3112
VBA32: BScope.TrojanSpy.Keylogger
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H09KF23
Rising: Trojan.Generic@AI.100 (RDML:ZLxzTE1XCp+2+7KIJmvaEw)
Ikarus: Trojan-Downloader.Agent
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Evo-gen [Trj]
Cybereason: malicious.011072
DeepInstinct: MALICIOUS

How to remove Jaik.156939?

Jaik.156939 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
