
Jatif.2400 malicious file

Jatif.2400 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Jatif.2400 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (4 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • A process created a hidden window
  • Performs some HTTP requests

Related domains:

www.christchurchmvl.org
ocsp.comodoca.com
ocsp.usertrust.com

How to identify Jatif.2400?


File Info:

crc32: B3DA844C
md5: e7cee2743a6d7a9b22467cd708d74b70
name: E7CEE2743A6D7A9B22467CD708D74B70.mlw
sha1: ecda3d965fdcb4fdf70927b34ec6ab664aa92ac1
sha256: b9b6c18dbbda4ba7e37262dd26c99e83846dc7aa018d21fcd6d63e5e62878933
sha512: 85e2e5ff3f263b75828b435b7d7208809e8129b303bd39a661e2d4af2cbdc48a34a9b5d20776b40577519964721c957111dab052ea355c17233494a888fdb680
ssdeep: 24576:NVUpKJdaWTVE6LwF5oSZc1HHZZZ6OEtdi:UId1+6cjoSMHHZZZ6OEtdi
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: TeamViewer Germany GmbH
InternalName: TeamViewer
FileVersion: 15.13.6.0
CompanyName: TeamViewer Germany GmbH
LegalTrademarks: TeamViewer
ProductName: TeamViewer
ProductVersion: 15.13.6.0
FileDescription: TeamViewer
OriginalFilename: TeamViewer_Note.exe
Translation: 0x0409 0x04b0

Jatif.2400 also known as:

Lionic: Trojan.Win32.Alien.4!c
MicroWorld-eScan: Gen:Variant.Jatif.2400
Cylance: Unsafe
Alibaba: Trojan:Win32/Alien.408f0068
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Cyren: W32/Trojan.NXGM-0013
Avast: Win32:DangerousSig [Trj]
Kaspersky: Trojan.Win32.Alien.mdl
BitDefender: Gen:Variant.Jatif.2400
Ad-Aware: Gen:Variant.Jatif.2400
Sophos: Mal/Generic-S
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Artemis
FireEye: Gen:Variant.Jatif.2400
Emsisoft: Gen:Variant.Jatif.2400 (B)
Jiangmin: Trojan.Alien.na
Webroot: W32.Malware.Gen
Microsoft: Trojan:Win32/Sehyioa.A!cl
Arcabit: Trojan.Jatif.D960
ZoneAlarm: Trojan.Win32.Alien.mdl
GData: Gen:Variant.Jatif.2400
McAfee: Artemis!E7CEE2743A6D
MAX: malware (ai score=89)
VBA32: Trojan.Alien
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R002H07FM21
MaxSecure: Trojan.Malware.73761253.susgen
Fortinet: W32/Alien.MDL!tr
AVG: Win32:DangerousSig [Trj]
Paloalto: generic.ml

How to remove Jatif.2400?

Jatif.2400 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
