
How to remove “Johnnie.212248”?


Johnnie.212248 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Johnnie.212248 virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family

How to identify Johnnie.212248?


File Info:

name: BD5CB7C16B3C650FE6E0.mlw
path: /opt/CAPEv2/storage/binaries/870026d7ef21f7dc583c62f00a0885df0481ac811677992d0c55c7e5d66b7cd0
crc32: 104DCF6E
md5: bd5cb7c16b3c650fe6e0b8c893ff2790
sha1: 8ee4016eb3f26170abe79dcc53d2fa81e5d33764
sha256: 870026d7ef21f7dc583c62f00a0885df0481ac811677992d0c55c7e5d66b7cd0
sha512: c8ca26ba0622a08e61a3ca61e738edd16abd12a392637ce75df167100ffbb312116649a1367cc834eb4a2fc9e526ae8bf2c277d00a62433e7467c77c020a2820
ssdeep: 24576:sNjkhktY3q/6G/UFkdwbRuR/n4+6W8Mz1jxi1AcBcw/b:gF/pPb3cTT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T164759D50B6D116B8E6023478ED6B27CE7497FF040F1A0AC7D364BD2A56762C2993F68C
sha3_384: 79c94c1d1b370be6ce5cbae193c69cc2ab6a848b698c8417f5be9a1bbc27aac60273e4b8ac2732c3dff40b87aa1ab4e1
ep_bytes: 6a746858614b00e8ba06000033ff897d
timestamp: 2020-01-15 08:06:41

Version Info:

Comments: 呱呱视频聊天室
CompanyName: 浙江齐聚科技有限公司
FileDescription: 呱呱视频聊天室
FileVersion: 1.0.0000
InternalName: ChatHall.exe
LegalCopyright: Copyright (C) Qiju Technology All Rights Reserved
OriginalFilename: ChatHall.exe
ProductName: 呱呱聊天大厅
ProductVersion: 1.0.0000
Translation: 0x0804 0x03a8

Johnnie.212248 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Zpevdo.4!c
MicroWorld-eScan: Gen:Variant.Johnnie.212248
FireEye: Gen:Variant.Johnnie.212248
Skyhigh: BehavesLike.Win32.BadFile.tc
McAfee: Artemis!BD5CB7C16B3C
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Trojan.Win32.Zpevdo.Vlsy
Arcabit: Trojan.Johnnie.D33D18
BitDefender: Gen:Variant.Johnnie.212248
Rising: Trojan.Zpevdo!8.F912 (CLOUD)
Emsisoft: Gen:Variant.Johnnie.212248 (B)
VIPRE: Gen:Variant.Johnnie.212248
Google: Detected
MAX: malware (ai score=89)
Microsoft: Trojan:Win32/Zpevdo.A
GData: Gen:Variant.Johnnie.212248
Varist: W32/ABRisk.JIVL-3417
ALYac: Gen:Variant.Johnnie.212248
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H09LL23
MaxSecure: Trojan.Malware.300983.susgen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Johnnie.212248?

Johnnie.212248 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
