Jaik.168457 (B) malicious file

Malware Removal

Jaik.168457 (B) is flagged as malicious by the antivirus engines listed further down this page. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advisable to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It performs a complete scan and cleans your PC during the trial period.
A 6-day free trial is available.

What can the Jaik.168457 (B) virus do?

  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Deletes executed files from disk
  • Attempts to interact with an Alternate Data Stream (ADS)
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
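Three of the behaviours listed above (a dropped binary that is then executed, a scheduled task created through a Windows utility, and deletion of executed files) can be recovered from ordinary endpoint telemetry. The script below is an added example, not part of this report and not GridinSoft's tooling: it correlates a handful of constructed Sysmon-style events (process creation and file creation) and flags those three patterns. It assumes the "Windows utility" is schtasks.exe, that self-deletion goes through cmd.exe with a del command, and that events carry the fields modelled in the Event class; the process names and paths in EVENTS are invented for the demo and do not come from the sample.

```python
"""Added example (not part of the report or of GridinSoft's tooling): a
small correlation pass over constructed Sysmon-style events that surfaces
three of the behaviours listed in the report. Assumptions: the Windows
utility used for the scheduled task is schtasks.exe, self-deletion goes
through cmd.exe /c del, and events carry the fields modelled in Event."""
from dataclasses import dataclass
import re

# Paths a user can write to without elevation; a scheduled task pointing here,
# or a binary launched from here right after being written, is worth a look.
USER_WRITABLE = re.compile(r"\\(Temp|AppData|Downloads|ProgramData|Public)\\", re.I)
TASK_ACTION = re.compile(r'/tr\s+"?([^"]+?)"?(?:\s+/|$)', re.I)


@dataclass
class Event:
    kind: str               # "proc" = process create (Sysmon 1), "file" = file create (Sysmon 11)
    pid: int
    image: str              # the created process ("proc") or the writing process ("file")
    cmdline: str = ""       # "proc" only
    parent_image: str = ""  # "proc" only
    target: str = ""        # "file" only: the path written


def detect(events):
    """Return (rule, pid, detail) tuples; events must be in chronological order."""
    findings = []
    written = {}  # lower-cased path -> image of the process that wrote it
    for ev in events:
        if ev.kind == "file":
            written[ev.target.lower()] = ev.image
            continue
        img = ev.image.lower()
        cmd = ev.cmdline.lower()
        # "Drops a binary and executes it": a file written earlier now runs.
        if img in written:
            findings.append(("drops_binary_and_executes", ev.pid, f"{written[img]} -> {ev.image}"))
        # "Uses Windows utilities to create a scheduled task": schtasks /create
        # whose action (/tr) lives in a user-writable directory.
        if img.endswith("\\schtasks.exe") and "/create" in cmd:
            m = TASK_ACTION.search(ev.cmdline)
            if m and USER_WRITABLE.search(m.group(1)):
                findings.append(("scheduled_task_user_path", ev.pid, m.group(1)))
        # "Deletes executed files from disk": cmd.exe deleting its own parent's image.
        if img.endswith("\\cmd.exe") and re.search(r"\bdel\b", cmd) and ev.parent_image.lower() in cmd:
            findings.append(("self_delete", ev.pid, ev.parent_image))
    return findings


# Constructed events for the demo; names and paths are invented, not from the sample.
EVENTS = [
    Event("proc", 4000, r"C:\Users\alice\Downloads\sample.exe", "sample.exe",
          parent_image=r"C:\Windows\explorer.exe"),
    Event("file", 4000, r"C:\Users\alice\Downloads\sample.exe",
          target=r"C:\Users\alice\AppData\Local\Temp\payload.exe"),
    Event("proc", 4100, r"C:\Users\alice\AppData\Local\Temp\payload.exe", "payload.exe",
          parent_image=r"C:\Users\alice\Downloads\sample.exe"),
    Event("proc", 4200, r"C:\Windows\System32\schtasks.exe",
          r'schtasks.exe /create /sc minute /mo 5 /tn "Updater" /tr "C:\Users\alice\AppData\Local\Temp\payload.exe"',
          parent_image=r"C:\Users\alice\AppData\Local\Temp\payload.exe"),
    Event("proc", 4300, r"C:\Windows\System32\cmd.exe",
          r'cmd.exe /c ping 127.0.0.1 -n 3 & del "C:\Users\alice\Downloads\sample.exe"',
          parent_image=r"C:\Users\alice\Downloads\sample.exe"),
    Event("proc", 4400, r"C:\Windows\System32\notepad.exe", "notepad.exe",
          parent_image=r"C:\Windows\explorer.exe"),  # benign control, must not fire
]

if __name__ == "__main__":
    for rule, pid, detail in detect(EVENTS):
        print(f"{rule:28} pid={pid} {detail}")
```

Run as-is to see the three findings; to use it on real data, map your Sysmon (or EDR) process- and file-creation records onto Event and keep them in time order, since the dropped-binary rule only fires when the write is seen before the execution. The injection indicators in the list (process hollowing, inter-process injection) are not visible in these two event types and need memory or API-level telemetry.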

How to identify Jaik.168457 (B)?

File Info:

name: 79311BB3FAA5EFB69904.mlw
path: /opt/CAPEv2/storage/binaries/da8d98a8ef9b0c36d1328814f8718d8277f1d1d4f421803b5ab01ea2a9a9bdc8
crc32: 9B8A3E47
md5: 79311bb3faa5efb69904505fb02341fc
sha1: 35b95b4154fca845f04f9a94521eb920ac590a50
sha256: da8d98a8ef9b0c36d1328814f8718d8277f1d1d4f421803b5ab01ea2a9a9bdc8
sha512: f1dd1759d6009929b2f7854c5ef5178fe8bd8633ef6965b2d2443b5e966e36362be257f8d98fb36ae0c25f347bf6baedf6c271f477006120067677078fe6195a
ssdeep: 24576:ObCj2sObHtqQ4QEfCr7w7yvuqqNq8FroaSaPXRackmrM4Biq7MhLv9GImmVfq4eC:ObCjPKNqQEfsw43qtmVfq4x
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T102C5D0C5F2AA40E2DC123FF5582567C78B344E364B3840597BAB3D498F335E6C11AAB6
sha3_384: 7c364246ab381589f566be8a58ebddb9de10ec0b1d3ecc0afef7da738797c0b049bcfd51ba5b3e363efce028afa71f69
ep_bytes: e837c20000e979feffffcccccccccccc
timestamp: 2010-01-15 16:09:54
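The File Info block is only useful if you can reproduce its values against a suspect file. The script below is an added example (it is not part of this report): it computes the same CRC32, MD5, SHA-1, SHA-256 and SHA-512 digests, parses the PE32 headers by hand to recover the COFF timestamp and the 16 bytes at the entry point, and compares everything with the values listed above. Given no path it runs on a tiny PE constructed inside the script, which copies only the report's timestamp and ep_bytes and nothing else from the real sample; the REPORT_IOCS dictionary is transcribed from the File Info block.

```python
"""Added example (not part of the report): hash a file, compare the digests
with the IOCs in the File Info block, and pull the PE32 timestamp and
entry-point bytes so they can be checked against the reported values."""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Transcribed from the report's File Info section.
REPORT_IOCS = {
    "crc32": "9B8A3E47",
    "md5": "79311bb3faa5efb69904505fb02341fc",
    "sha1": "35b95b4154fca845f04f9a94521eb920ac590a50",
    "sha256": "da8d98a8ef9b0c36d1328814f8718d8277f1d1d4f421803b5ab01ea2a9a9bdc8",
    "sha512": "f1dd1759d6009929b2f7854c5ef5178fe8bd8633ef6965b2d2443b5e966e36362be257f8d98fb36ae0c25f347bf6baedf6c271f477006120067677078fe6195a",
    "ep_bytes": "e837c20000e979feffffcccccccccccc",
    "timestamp": "2010-01-15 16:09:54",
}


def digests(data: bytes) -> dict:
    """CRC32 (upper-case hex, as the report prints it) plus the usual hex digests."""
    out = {"crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}"}
    for name in ("md5", "sha1", "sha256", "sha512"):
        out[name] = hashlib.new(name, data).hexdigest()
    return out


def pe_facts(data: bytes) -> dict:
    """Parse the PE32 headers: COFF TimeDateStamp (as UTC) and 16 bytes at the entry point."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsections, stamp = struct.unpack_from("<HI", data, pe + 6)
    opt_size = struct.unpack_from("<H", data, pe + 20)[0]
    opt = pe + 24                                          # optional header
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    ep_off = None
    for i in range(nsections):                             # RVA -> file offset via the section table
        sec = opt + opt_size + 40 * i
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, sec + 8)
        if va <= entry_rva < va + max(vsize, rawsize):
            ep_off = entry_rva - va + rawptr
            break
    if ep_off is None:
        raise ValueError("entry point outside all sections")
    return {
        "timestamp": datetime.fromtimestamp(stamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": data[ep_off:ep_off + 16].hex(),
    }


def compare(facts: dict, iocs: dict = REPORT_IOCS) -> dict:
    """{ioc_name: matched?} for every IOC the caller has a computed value for."""
    return {k: facts[k].lower() == v.lower() for k, v in iocs.items() if k in facts}


def build_constructed_pe() -> bytes:
    """A tiny non-runnable PE32 constructed for the demo; it copies only the report's
    timestamp (1263571794 = 2010-01-15 16:09:54 UTC) and entry-point bytes."""
    pe_off, sec_va, sec_rawptr = 0x40, 0x1000, 0x200
    code = bytes.fromhex(REPORT_IOCS["ep_bytes"]) + b"\xcc" * 16
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", pe_off)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 1263571794, 0, 0, 0xE0, 0x0102)
    opt = struct.pack("<HBBIIII", 0x10B, 9, 0, len(code), 0, 0, sec_va) + b"\0" * (0xE0 - 20)
    sec = b".text".ljust(8, b"\0") + struct.pack("<IIII", len(code), sec_va, 0x200, sec_rawptr) + b"\0" * 16
    header = (dos + coff + opt + sec).ljust(sec_rawptr, b"\0")
    return header + code.ljust(0x200, b"\0")


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_constructed_pe()
    facts = {**digests(data), **pe_facts(data)}
    for k, v in facts.items():
        print(f"{k}: {v}")
    print("matches report:", compare(facts))
```

Run it with a file path to triage a real sample. Note how the constructed PE matches on timestamp and ep_bytes but on none of the hashes: the entry-point bytes are a call (e8) followed by a jmp (e9) and int3 padding (cc), the shape of a stock MSVC runtime startup stub shared by many unrelated binaries, and the timestamp is a header field that any build tool can set. Treat those two as weak corroboration only; the cryptographic hashes identify this exact file, and the ssdeep and TLSH values in the block (not computed here) are what you would use to catch near-identical variants.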

Version Info:

The fields below are what the binary says about itself. Version information is a resource set freely at build time, so a SciTE product name and a Neil Hodgson company string are not evidence that the file came from that project; identify the file by its hashes and behaviour, not by this block.

Translation: 0x0409 0x04b0
CompanyName: Neil Hodgson neilh@scintilla.org
FileDescription: SciTE - a Scintilla based Text Editor
FileVersion: 1.75
InternalName: SciTE
LegalCopyright: Copyright 1998-2007 by Neil Hodgson
OriginalFilename: SciTE.EXE
ProductName: SciTE
ProductVersion: 1.75

Jaik.168457 (B) also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Jaik.168457
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 005936091 )
K7GW: Trojan ( 005936091 )
CrowdStrike: win/malicious_confidence_100% (D)
VirIT: Trojan.Win32.AutoIt.GD
Cyren: W32/Autoit.JFHF-9022
Symantec: Bloodhound.Malautoit
ESET-NOD32: MSIL/Spy.Agent.AGJ
TrendMicro-HouseCall: TSPY_ATBOT.SMAR5
Avast: Win32:Evo-gen [Trj]
ClamAV: Win.Trojan.Autoit-6996111-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Jaik.168457
Tencent: Trojan.Win32.Sabsik.haq
Emsisoft: Gen:Variant.Jaik.168457 (B)
F-Secure: Trojan.TR/Agent.odipt
DrWeb: Trojan.Siggen17.49996
TrendMicro: TSPY_ATBOT.SMAR5
McAfee-GW-Edition: BehavesLike.Win32.Generic.vm
FireEye: Generic.mg.79311bb3faa5efb6
Sophos: Troj/Atbot-B
GData: Gen:Variant.Jaik.168457
Jiangmin: Trojan.Script.aqrn
Webroot: W32.Trojan.Gen
Google: Detected
Avira: TR/Agent.odipt
Antiy-AVL: Trojan/Autoit.Winmgr.a
Arcabit: Trojan.Jaik.D29209
ZoneAlarm: VHO:Trojan-Spy.MSIL.BitCoin.gen
Microsoft: Trojan:Win32/Separ.GMD!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win.Atbot.R531437
MAX: malware (ai score=81)
VBA32: Trojan.Autoit.Obfus
Cylance: unsafe
APEX: Malicious
Rising: Trojan.Obfus/Autoit!1.E083 (CLASSIC)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: AutoIt/Agent.AGJ!tr
AVG: Win32:Evo-gen [Trj]
Cybereason: malicious.3faa5e
DeepInstinct: MALICIOUS

How to remove Jaik.168457 (B)?

Jaik.168457 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.