Johnnie.161473 malicious file

The Johnnie.161473 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Johnnie.161473 virus can do?

CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Johnnie.161473?


File Info:
name: 764C7E2A8D3E65D11E7C.mlw
path: /opt/CAPEv2/storage/binaries/0523c53a91783147020da15ad5a5ba04470c479c8ddf732d983cc593e4cdeb24
crc32: FC96A0C4
md5: 764c7e2a8d3e65d11e7c1c1c1e626dda
sha1: a5b74dad7adcbf9dce252b06d8c4f2d352e09183
sha256: 0523c53a91783147020da15ad5a5ba04470c479c8ddf732d983cc593e4cdeb24
sha512: c8af35a698aa15a2b6becf18edfe138b0fe1263c0be397f28161174b9049a40e585349c75f45b9acf1aa99dbd302eb2639c7660d6cd12b819c5155528cf9eec1
ssdeep: 192:pALmC0Yx5ty0jSgR+w/r1NZmuLKnloYU45gJcIhfjCCv8zy026KDE:p4L0K5ty9gRf1PVLf459Qfj58zyCKD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E572293163988272CFEC47B54C2359180274EE0BC1A6FF3E69C4A97E4EA3742C752769
sha3_384: 147e33f15c8ded1dd5a4471f44325c87b9a287de54ee481b641db65285775a4ca4a5c0400c49e0c10f304be6e8815355
ep_bytes: ff250020400000000000000000000000
timestamp: 2015-08-21 21:03:57

Version Info:
0: [No Data]

Johnnie.161473 also known as:

Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Johnnie.161473
FireEye	Generic.mg.764c7e2a8d3e65d1
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
McAfee	GenericRXVY-XQ!764C7E2A8D3E
Cylance	unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 004a9b1b1 )
Alibaba	Trojan:MSIL/GenMaliciousA.e048bd1c
K7GW	Trojan ( 004a9b1b1 )
Cybereason	malicious.a8d3e6
BitDefenderTheta	Gen:NN.ZemsilF.36250.bqW@aiT!K1
Cyren	W32/ABRisk.HECJ-2184
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.BBQ
APEX	Malicious
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Johnnie.161473
NANO-Antivirus	Trojan.Win32.Agent.dkfrzo
Avast	Win32:GenMaliciousA-HFX [Trj]
Tencent	Malware.Win32.Gencirc.13b8b24c
TACHYON	Trojan/W32.DN-Small.16384.N
Emsisoft	Gen:Variant.Johnnie.161473 (B)
F-Secure	Packed:W32/DonutCrypt.A
DrWeb	Trojan.DownLoader23.49596
VIPRE	Gen:Variant.Johnnie.161473
TrendMicro	TROJ_GEN.R002C0GEF23
McAfee-GW-Edition	GenericRXVY-XQ!764C7E2A8D3E
Sophos	Mal/Generic-S
Ikarus	Trojan.Msil
GData	Gen:Variant.Johnnie.161473
Jiangmin	TrojanDropper.MSIL.gsu
Avira	TR/Dropper.Gen
Antiy-AVL	Trojan/Win32.AGeneric
Arcabit	Trojan.Johnnie.D276C1
ViRobot	Trojan.Win.Z.Johnnie.16384
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5427654
VBA32	Malware-Cryptor.MSIL.gen.6
ALYac	Gen:Variant.Johnnie.161473
MAX	malware (ai score=100)
Malwarebytes	Backdoor.DarkComet
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0GEF23
Rising	Backdoor.DarkKomet!8.13E (CLOUD)
Yandex	Trojan.Agent!NJbqpRlOmOk
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.7164915.susgen
Fortinet	MSIL/Agent.LF!tr
AVG	Win32:GenMaliciousA-HFX [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Johnnie.161473?

Johnnie.161473 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X