Jaiko.2752 malicious file

Malware Removal

Jaiko.2752 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Jaiko.2752 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • Checks for the presence of disk drives in the registry, possibly for anti-virtualization
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Jaiko.2752?

File Info:

name: 198BE379656E57B6E6C6.mlw
path: /opt/CAPEv2/storage/binaries/41cbd3764fe49b634b38d5b1084c638e688063947b793d30c7a2c9c827140f58
crc32: 80388624
md5: 198be379656e57b6e6c6fe3372fbbec8
sha1: 304b156a65887af854539eea18d85bc81b85468d
sha256: 41cbd3764fe49b634b38d5b1084c638e688063947b793d30c7a2c9c827140f58
sha512: 8569640d50317ae8540efbeb9818a612a3eb6e104da735cd8398231ebede3b696de66762e49cbd24617dc3b12e4508113d7c2a2607280617114901f955df33cd
ssdeep: 6144:PQX3ubxZPmWDiVSiBKX2QJ8I7MRwvWv7qsCU9bYMaC:M3ubxZPmW2VSiBKGc8o+dlbYM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T131448D29B7F0A0B1E0F316B16EB996E59B757C316738801F3B58079D0E70BA48632767
sha3_384: 39ca2fc1f994d1e7fe51be9520307bf4333790c7df36542c30e80dc0bcf92d18c72498d236bfd1a0d35f0a9d1459f20e
ep_bytes: e853580000e978feffffcccccccccccc
timestamp: 2017-03-19 16:30:07

Version Info:

FileDescription: Internet Low-Mic Utility Tool
CompanyName: Microsoft Corporation
LegalTrademarks: © Microsoft Corporation. All rights reserved.
ProductName: Internet Explorer
OriginalFilename: ielowutil
LegalCopyright: © Microsoft Corporation. All rights reserved.
Comments: Internet Low-Mic Utility Tool
PrivateBuild: 8.5.6.7
ProductVersion: 8.5.6.7
Translation: 0x0409 0x04b0

Jaiko.2752 also known as:

Lionic: Trojan.Win32.Yakes.4!c
MicroWorld-eScan: Gen:Variant.Jaiko.2752
FireEye: Generic.mg.198be379656e57b6
Skyhigh: BehavesLike.Win32.Infected.dh
McAfee: Artemis!198BE379656E
Malwarebytes: Crypt.Trojan.Malicious.DDS
VIPRE: Gen:Variant.Jaiko.2752
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 004f85331 )
BitDefender: Gen:Variant.Jaiko.2752
K7GW: Trojan-Downloader ( 004f85331 )
Cybereason: malicious.a65887
BitDefenderTheta: Gen:NN.ZexaF.36792.qu0@aO4bWqni
VirIT: Trojan.Win32.Dnldr25.LLP
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Smokeloader.A
Cynet: Malicious (score: 99)
APEX: Malicious
Kaspersky: Trojan.Win32.Yakes.sutw
Alibaba: TrojanDownloader:Win32/Yakes.224dd582
NANO-Antivirus: Trojan.Win32.Yakes.emxlwf
Rising: Downloader.Zurgop!8.4BB (TFE:5:6bNNpv35fsS)
Emsisoft: Gen:Variant.Jaiko.2752 (B)
F-Secure: Trojan.TR/Crypt.XPACK.vqxpd
DrWeb: Trojan.DownLoader25.7737
Zillya: Trojan.Yakes.Win32.63314
TrendMicro: Mal_MiliCry-1h
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Spy.Remcos
GData: Gen:Variant.Jaiko.2752
Jiangmin: Trojan.Yakes.wdo
Avira: TR/Crypt.XPACK.vqxpd
Antiy-AVL: Trojan/Win32.Yakes
Kingsoft: malware.kb.a.996
Xcitium: Malware@#1j9p45guh56eu
Arcabit: Trojan.Jaiko.DAC0
ZoneAlarm: Trojan.Win32.Yakes.sutw
Microsoft: TrojanDownloader:Win32/Dofoil!rfn
Google: Detected
VBA32: BScope.Trojan.Fuerboos
ALYac: Gen:Variant.Jaiko.2752
MAX: malware (ai score=82)
DeepInstinct: MALICIOUS
Cylance: unsafe
Panda: Trj/CI.A
TrendMicro-HouseCall: Mal_MiliCry-1h
Tencent: Malware.Win32.Gencirc.114937b2
MaxSecure: Trojan.Malware.10813160.susgen
Fortinet: W32/Zurgop.CO!tr.dldr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Jaiko.2752?

Jaiko.2752 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.