Johnnie.367454 removal guide

Johnnie.367454 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Johnnie.367454 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Johnnie.367454?


File Info:

name: 55604D6C2175841EBBA1.mlw
path: /opt/CAPEv2/storage/binaries/dedf650b63373616808dc347689e0e6648c4bd6c0fc134881a6da49e6d60c561
crc32: 012E5DEC
md5: 55604d6c2175841ebba15833d3ac7d71
sha1: e8230d96b61c5eaa6030e15b0321832946811936
sha256: dedf650b63373616808dc347689e0e6648c4bd6c0fc134881a6da49e6d60c561
sha512: 63e6d91f40e03221cd0a526fa0de929ab4586eae4a113a3f7dad166e737ceed0203338879cebf1078258240ae29111fa6a1476b7162a8f240a0e643da12be644
ssdeep: 1536:G/fVrdBmtOUNXucZyjT2O9Slp92gmoqax8h:G/RdBm7wtI/5qph
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E0147BF6F613F1B1F8583EB07A12D2F0C37EAD605D70E66B3508BE4A2D3E1A86115526
sha3_384: b2771a33658a93a1de049f82c90474f9ddbfd8412cf9b562640915966705b10eee7096d4d7a78d5abb4862fd60585af2
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-07-02 17:52:22

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Host
FileVersion: 1.0.0.0
InternalName: Host.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: Host.exe
ProductName: Host
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Johnnie.367454 also known as:

Bkav: W32.AIDetectNet.01
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Johnnie.367454
FireEye: Generic.mg.55604d6c2175841e
ALYac: Gen:Variant.Johnnie.367454
Cylance: Unsafe
VIPRE: Gen:Variant.Johnnie.367454
Sangfor: Trojan.Win32.Generic.ky
K7AntiVirus: Trojan ( 005414d51 )
Alibaba: Trojan:MSIL/Kryptik.3973d6d6
K7GW: Trojan ( 005414d51 )
Cybereason: malicious.c21758
VirIT: Trojan.Win32.Bladabindi.CHKK
Cyren: W32/MSIL_Kryptik.AWF.gen!Eldorado
Symantec: Backdoor.Ratenjay
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Kryptik.WSZ
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Johnnie.367454
NANO-Antivirus: Trojan.Win32.Kryptik.homevq
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.11a2ae1f
Ad-Aware: Gen:Variant.Johnnie.367454
Sophos: ML/PE-A
Comodo: Malware@#tcwab5dat99i
DrWeb: Trojan.DownLoader33.61699
TrendMicro: TROJ_GEN.R002C0PGH22
McAfee-GW-Edition: GenericRXLK-YQ!55604D6C2175
Emsisoft: Gen:Variant.Johnnie.367454 (B)
Ikarus: Trojan.MSIL.Krypt
GData: Gen:Variant.Johnnie.367454
Jiangmin: Trojan.Generic.fpzqb
Avira: HEUR/AGEN.1241440
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Generic.ASMalwS.3DAC
Kingsoft: Win32.Troj.Undef.(kcloud)
Arcabit: Trojan.Johnnie.D59B5E
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Backdoor:MSIL/Bladabindi
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/MSILKrypt14.Exp
Acronis: suspicious
McAfee: GenericRXLK-YQ!55604D6C2175
TrendMicro-HouseCall: TROJ_GEN.R002C0PGH22
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:O9cwpt3tHIAO/EtphaFqvQ)
Yandex: Trojan.Kryptik!/Fr4d0eCZ9E
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/GenKryptik.CRFH!tr
BitDefenderTheta: Gen:NN.ZemsilF.34786.lm0@a8ikxMo
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Johnnie.367454?

Johnnie.367454 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
