Malware

How to remove “Jaik.42396”?

Malware Removal

Jaik.42396 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Jaik.42396 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Steals private information from local Internet browsers
  • Likely virus infection of existing system binary

How to identify Jaik.42396?

File Info:

name: 8E07189AB2E9467FD287.mlw
path: /opt/CAPEv2/storage/binaries/b0ff43aedb0401ce39112610d992a693ad9edaeb0602b4bd46f4d9f8679b6c3f
crc32: 5B247C6D
md5: 8e07189ab2e9467fd28738c58cfa14b2
sha1: 5e04044189707c06e9044aea023baebde969f19e
sha256: b0ff43aedb0401ce39112610d992a693ad9edaeb0602b4bd46f4d9f8679b6c3f
sha512: 9f5518f3437143f531bb5dad5b76fb9c39536b9cb5fbd269b3932baa9df526466de268b94c4776006970ce6a6dd9c1da23292e9047f2e53b90f9e16f19a92ce1
ssdeep: 24576:ZogCnMco8WpApXgeYDapHKXV7Pq2vvHX7gGw3r4n4q2Ottz5iB16J+ISbdLMdFPC:fCnMtpAncv7Pq2v/XUGVD5US3kTdnq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T198C5F12235024376F9D4097E84BB7C613CBD4A5807C1A4F70DADF9CE3AB56E1A632993
sha3_384: daa177768f8ce82ad6e7ceba56c04768610844ae95e90d4c65e8161bc8ec998895a3fe95c2adc18935fb2474b927627b
ep_bytes: 558bec6aff68081a5b0068c4b85a0064
timestamp: 2020-01-02 10:23:01

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: AtomPark Software Inc.
FileDescription: Install Atomic Mail Sender, a powerful personalized bulk mai
FileVersion: 9.44.0.445
LegalCopyright: Copyright (c) AtomPark Software Inc, 2001-2019. All right reserved.
ProductName:
ProductVersion: 9.44.0.445
Translation: 0x0000 0x04b0

Jaik.42396 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Ekstak.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader32.39602
Cynet: Malicious (score: 99)
FireEye: Generic.mg.8e07189ab2e9467f
ALYac: Gen:Variant.Jaik.42396
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1913132
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0056252b1 )
Alibaba: Trojan:Win32/Ekstak.6d7f2c04
K7GW: Trojan ( 0056252b1 )
Cybereason: malicious.ab2e94
BitDefenderTheta: Gen:NN.ZexaF.34114.FA0@aCenwoci
Cyren: W32/Kryptik.BAU.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GZXO
TrendMicro-HouseCall: TROJ_GEN.R007C0RHM21
ClamAV: Win.Packed.Adrozek-9811562-0
Kaspersky: HEUR:Trojan.Win32.Ekstak.pef
BitDefender: Gen:Variant.Jaik.42396
NANO-Antivirus: Trojan.Win32.Ekstak.hbnnxl
MicroWorld-eScan: Gen:Variant.Jaik.42396
Avast: Win32:AdwareX-gen [Adw]
Tencent: Win32.Trojan.Zusy.Eaxb
Ad-Aware: Gen:Variant.Jaik.42396
Sophos: Mal/Generic-R + Troj/Agent-BEQV
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R007C0RHM21
McAfee-GW-Edition: BehavesLike.Win32.Dropper.vc
Emsisoft: Gen:Variant.Jaik.42396 (B)
Ikarus: Trojan.Win32.Krazy
GData: Gen:Variant.Jaik.42396
Jiangmin: Trojan.Ekstak.ayqg
Avira: HEUR/AGEN.1120902
Antiy-AVL: Trojan/Generic.ASMalwS.2F7495A
Microsoft: BrowserModifier:Win32/Adrozek
Acronis: suspicious
McAfee: GenericRXAA-AA!8E07189AB2E9
MAX: malware (ai score=88)
VBA32: BScope.Trojan.Ekstak
Malwarebytes: Adware.DownloadAssistant
APEX: Malicious
Rising: Trojan.Kryptik!1.AA23 (CLOUD)
Yandex: Trojan.GenAsa!TkYYT/eOAp0
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/CoinMiner.GYQC!tr
AVG: Win32:AdwareX-gen [Adw]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Jaik.42396?

Jaik.42396 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.