
Java:SMSSend-EK [Trj] removal


Java:SMSSend-EK [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Java:SMSSend-EK [Trj] virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Russian
  • Authenticode signature is invalid
  • Detects Bochs through the presence of a registry key
  • Checks the version of Bios, possibly for anti-virtualization
  • Attempted to write directly to a physical drive
  • Collects information to fingerprint the system

How to identify Java:SMSSend-EK [Trj]?


File Info:

name: F1F376EFC1730B41CB1C.mlw
path: /opt/CAPEv2/storage/binaries/0aa13ba7ff4bffeef5b0a2bd067660e37c57366fd1b95d12f40bac0b252b058a
crc32: 829E459E
md5: f1f376efc1730b41cb1c8f88f677e601
sha1: a25d0b4e25294f0fe54fd28dcba692769d45587f
sha256: 0aa13ba7ff4bffeef5b0a2bd067660e37c57366fd1b95d12f40bac0b252b058a
sha512: 6180ec01b95ad93c47096a2925eca6fafd101c5b1bbc8677ea7927d269647bb547f59cb4d627c2c184014abb95b35758c99d22a470630751d322229d61135fcf
ssdeep: 98304:KQmekpZdI2c/S3VtxkGM5tBIFNaqwmCNIDsh:KQmLZjcK3Vtx6t8gDNIDsh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B2E5AB96314E6A75CC8B2CF0B7C40F69FD52C4C1EDB3100652D6A57EDBA8C97D3A2A21
sha3_384: 7437d82db43935f0707cf0b7652c44ab5afdf4cddaa0fa79e16fadd9e5b1c03358b2243c1d5fdfe9d96e11cdef8b34d5
ep_bytes: 558bec6aff682030430068f890420064
timestamp: 2006-05-25 15:46:08

Version Info:

CompanyName: Bagirka&C
FileDescription: Setup Launcher
FileVersion: 2.2.34
InternalName: Setup
LegalCopyright: Copyright (C) 2006 Macrovision Corporation
OriginalFilename: Setup.exe
ProductName: BookReader Trial
ProductVersion: 2.2.34
OLESelfRegister:
Translation: 0x0419 0x04b0

Java:SMSSend-EK [Trj] also known as:

Bkav: W32.Common.CD41A2DC
Cylance: unsafe
Alibaba: Trojan:Win32/Sowatohiko.067e9a07
Kaspersky: UDS:Trojan.Win32.Sowatohiko.gen
Avast: Java:SMSSend-EK [Trj]
McAfee-GW-Edition: Artemis
Antiy-AVL: Trojan/Win32.Sowatohiko
Kingsoft: Win32.Trojan.Sowatohiko.gen
ZoneAlarm: HEUR:Trojan.Win32.Sowatohiko.gen
McAfee: Artemis!F1F376EFC173
MAX: malware (ai score=84)
Rising: Trojan.Sowatohiko!8.103DB (CLOUD)
MaxSecure: Trojan.Malware.11354294.susgen
Fortinet: W32/PossibleThreat
AVG: Java:SMSSend-EK [Trj]
DeepInstinct: MALICIOUS

How to remove Java:SMSSend-EK [Trj]?

Java:SMSSend-EK [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
