Johnnie.369294 malicious file

Johnnie.369294 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Johnnie.369294 virus do?

  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Johnnie.369294?

File Info:

name: E9333F493CC46C4579A6.mlw
path: /opt/CAPEv2/storage/binaries/5e271a23bf6fc3c018674a361715554ee54a6a7d488e01b7d8217cc9c7fa76ab
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff250020400000000000000000000000
timestamp: 2064-05-10 09:19:14

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Get key Activate S - 400 RAT v1.0 By FC
FileVersion: 1.0.0.0
InternalName: Get key Activate s400 RAT v1.0 By FC.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Get key Activate s400 RAT v1.0 By FC.exe
ProductName: Get key Activate S - 400 RAT v1.0 By FC
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Johnnie.369294 also known as:

Lionic: Trojan.MSIL.Witch.4!c
MicroWorld-eScan: Gen:Variant.Johnnie.369294
FireEye: Generic.mg.e9333f493cc46c45
CAT-QuickHeal: Trojan.MsilFC.S24738253
McAfee: RDN/Generic.com
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:MSIL/Bladabindi.943fe3d6
K7GW: Riskware ( 0040eff71 )
BitDefenderTheta: Gen:NN.ZemsilF.34114.Em0@aGgTDeh
Cyren: W32/Trojan.YFHP-2982
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.DWHDMXW
APEX: Malicious
Kaspersky: HEUR:Backdoor.MSIL.Bladabindi.gen
BitDefender: Gen:Variant.Johnnie.369294
Avast: MSIL:Agent-CIB [Trj]
Ad-Aware: Gen:Variant.Johnnie.369294
DrWeb: BackDoor.BladabindiNET.23
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PGM21
McAfee-GW-Edition: BehavesLike.Win32.Generic.gc
Emsisoft: Gen:Variant.Johnnie.369294 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Johnnie.369294
Jiangmin: Trojan.MSIL.aguiz
eGambit: Unsafe.AI_Score_75%
Arcabit: Trojan.Johnnie.D5A28E
Microsoft: Trojan:Win32/Mamson.A!ac
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4582972
VBA32: TScope.Trojan.MSIL
ALYac: Gen:Variant.Johnnie.369294
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.2848950675
TrendMicro-HouseCall: TROJ_GEN.R002C0PGM21
Ikarus: Trojan.SuspectCRC
MaxSecure: Trojan.Malware.108560625.susgen
Fortinet: PossibleThreat
AVG: MSIL:Agent-CIB [Trj]
Cybereason: malicious.bf42bc
Panda: Trj/GdSda.A

How to remove Johnnie.369294?

Johnnie.369294 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
