Johnnie.246515 removal tips

Johnnie.246515 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Johnnie.246515 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to identify installed analysis tools by a known file location
  • Detects the presence of Wine emulator via registry key
  • Detects VirtualBox through the presence of a device
  • Detects VMware through the presence of a device
  • Checks for a known DeepFreeze Frozen State Mutex

How to identify Johnnie.246515?


File Info:

name: 004EF6C3F4FAB93314BD.mlw
path: /opt/CAPEv2/storage/binaries/7dd8c6cb1a01becbc4579806b1279de2c535743641bf17351dec8acdbd63de70
crc32: DA44A501
md5: 004ef6c3f4fab93314bd9e97f8066cfe
sha1: 2ce5dcc41e97d1e26895a3265519fee345d2391c
sha256: 7dd8c6cb1a01becbc4579806b1279de2c535743641bf17351dec8acdbd63de70
sha512: ebe572e2c5f9ffbc70570259cce5de8e2b3afaa807280d4ac0c49dd1f58c61592443cbe9d1a4a4a8f03a7feab5979d63433fb0335e63f2c3bf5cea3495d6d204
ssdeep: 6144:XsWF1YY3MUdtEeOkjbk78G3U4BduF4I94noKL5:888UdtEOfkgqBduF4
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F064F230B5924433D9A3EA304BB597B2E57AA441273417DB17683A3C6F321F2DA3971B
sha3_384: 143a287fcdeecbc47ff4f4a635063677991c799a5fe305138065ac61c796048905e418af6b7cda49a89733c1625adf09
ep_bytes: e81d160000e989feffff8bff558bec8b
timestamp: 2014-02-24 11:26:05

Version Info:

CompanyName: Xy9f391VQ87
FileDescription: R6R0X5b60B
FileVersion: 3.4.9.4
InternalName: je09S7aj957.exe
LegalCopyright: Copyright © 2006
OriginalFilename: je09S7aj957.exe
ProductVersion: 3.4.9.4
Translation: 0x0409 0x04e6

Johnnie.246515 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Johnnie.246515
ClamAV: Win.Trojan.Tepfer-573
FireEye: Generic.mg.004ef6c3f4fab933
McAfee: GenericR-DDI!004EF6C3F4FA
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (D)
K7GW: Spyware ( 004b8a241 )
K7AntiVirus: Spyware ( 004b8a241 )
VirIT: Trojan.Win32.Generic.ADTM
Cyren: W32/A-a986563d!Eldorado
Symantec: Trojan.Gen
tehtris: Generic.Malware
ESET-NOD32: Win32/Spy.Zbot.YW
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Johnnie.246515
NANO-Antivirus: Trojan.Win32.Tepfer.ctxrsb
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.10bcf537
Ad-Aware: Gen:Variant.Johnnie.246515
Sophos: ML/PE-A + Mal/Zbot-UN
DrWeb: Trojan.PWS.Panda.5255
VIPRE: Gen:Variant.Johnnie.246515
McAfee-GW-Edition: GenericR-DDI!004EF6C3F4FA
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Johnnie.246515 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Johnnie.246515
Jiangmin: Trojan/PSW.Tepfer.caly
Avira: HEUR/AGEN.1229128
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Generic.ASMalwS.17F
Arcabit: Trojan.Johnnie.D3C2F3
Microsoft: PWS:Win32/Zbot!CI
Google: Detected
VBA32: TrojanPSW.Tepfer
ALYac: Gen:Variant.Johnnie.246515
TACHYON: Trojan-PWS/W32.Tepfer.326144
Malwarebytes: Malware.Heuristic.1001
Rising: Spyware.Zbot!8.16B (TFE:1:uTfotpZ9YCN)
Yandex: Trojan.PWS.Tepfer!wWLX+Y53tIE
Ikarus: Trojan.Win32.Qadars
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Tepfer.TGRP!tr
BitDefenderTheta: AI:Packer.8E960C3A20
AVG: Win32:Trojan-gen
Cybereason: malicious.3f4fab
Panda: Trj/Genetic.gen

How to remove Johnnie.246515?

Johnnie.246515 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
