Trojan

Java.Trojan.GenericGBA.31344 removal instruction

Malware Removal

The Java.Trojan.GenericGBA.31344 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Java.Trojan.GenericGBA.31344 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with the /C or /R argument, which terminates the command shell on completion and can be used to hide execution
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • A script process created a new process

How to identify Java.Trojan.GenericGBA.31344?

File Info:

name: 186CE5D9F97CEA79FB79.mlw
path: /opt/CAPEv2/storage/binaries/09c6d0a51c277ee78fb2440e8a3727582f27c3d6c7a0d1b33f2ad003c57faeb2
crc32: 43B6917C
md5: 186ce5d9f97cea79fb791a82f8f22037
sha1: 03de480ea43c78070b611bd8ab849056be3bee63
sha256: 09c6d0a51c277ee78fb2440e8a3727582f27c3d6c7a0d1b33f2ad003c57faeb2
sha512: 2429d6ca69e11314076ea392d0d3f3b7c100fb77d7cd7a4107780947bf2ff997ba6ebe3047c4995a1fbe6015f7bb89a2d73962f2178f0fbb066c86cc0ce2b426
ssdeep: 196608:4TnudSqfMK7mEXIOXhsLb3UB0H7stjNvkMYr9SCknhUNp:46bMEXeb3f7EjiMYrIC4hUNp
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C9B6335C758118ADC684EC7679D71F071AA23CA1FBEDACC772A1853F8B53D92602890F
sha3_384: 9cbaa2b0ec00f1b79b79695a8a5c1bb1ad8c79800daa10ec5824ab64689b6a4b8c1eb8fdcabbb8dadfe4827ba2716dcd
ep_bytes: e864040000e988feffff3b0d68e64300
timestamp: 2021-06-11 09:16:47

Version Info:

0: [No Data]

Java.Trojan.GenericGBA.31344 also known as:

  • tehtris: Generic.Malware
  • MicroWorld-eScan: Java.Trojan.GenericGBA.31344
  • Elastic: malicious (high confidence)
  • APEX: Malicious
  • BitDefender: Java.Trojan.GenericGBA.31344
  • FireEye: Generic.mg.186ce5d9f97cea79
  • Sophos: Mal/Miner-H
  • SentinelOne: Static AI – Malicious SFX
  • GData: Java.Trojan.GenericGBA.31344 (2x)
  • Arcabit: Java.Trojan.GenericGBA.D7A70
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • AhnLab-V3: Trojan/Win32.Memz.C4205368
  • Acronis: suspicious
  • ALYac: Java.Trojan.GenericGBA.31344
  • MAX: malware (ai score=84)
  • Cybereason: malicious.ea43c7

How to remove Java.Trojan.GenericGBA.31344?

Java.Trojan.GenericGBA.31344 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.