Should I remove “Mal/Behav-104”?

Mal/Behav-104 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Mal/Behav-104 virus do?

  • A file was accessed within the Public folder
  • Sample contains overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization
  • Binary file triggered YARA rule
  • Touches a file containing cookies, possibly for information gathering
  • YARA detections observed in process dumps, payloads or dropped files

How to identify Mal/Behav-104?

File Info:

name: 08CB321A3B5C45482A62.mlw
path: /opt/CAPEv2/storage/binaries/7580da5e10c454b8f2a514fa38de0eebeb6116754a20b8f6ea93f766416c7473
crc32: 17EB0573
md5: 08cb321a3b5c45482a62f3dd7edacb4f
sha1: bcbd27cd4a9fb52ccb11570719484d6296978547
sha256: 7580da5e10c454b8f2a514fa38de0eebeb6116754a20b8f6ea93f766416c7473
sha512: bf82a6af6e1c6a737bd880375cd86c9dec57698462f060cabfd6b4bd395bb0f7e411c4f4b986924732deaf473d0a03210cfbbf260c34f395a8ee94a522c6ed09
ssdeep: 3072:nOjguyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPr:nSs9OKofHfHTXQLzgvnzHPowYbvrjD/2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T114D3495AF403A5F3DE154CFC47C7F2BF4A206D74A0144E46D789EE2AE872C9426ADB06
sha3_384: 57ebcee9e676b8724ad2fe927c9d971e78ea6c63c1d69b88d29ef49688ef04d6c08a7dfd42f14f3912d6f6ee46550dff
ep_bytes: 5589e583ec08c7042402000000ff159c
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Mal/Behav-104 also known as:

Bkav: W32.AIDetectMalware
AVG: Win32:TrojanX-gen [Trj]
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.96072
FireEye: Generic.mg.08cb321a3b5c4548
Skyhigh: BehavesLike.Win32.Mytob.cm
ALYac: Trojan.GenericKDZ.96072
Cylance: unsafe
Zillya: Trojan.Small.Win32.103560
Sangfor: Virus.Win32.Save.a
K7GW: Trojan ( 001183dd1 )
K7AntiVirus: Trojan ( 001183dd1 )
BitDefenderTheta: AI:Packer.E9EC9D691D
Symantec: W32.Mydoom.B@mm
ESET-NOD32: a variant of Win32/Agent.NHB
Cynet: Malicious (score: 100)
APEX: Malicious
Avast: Win32:TrojanX-gen [Trj]
ClamAV: Win.Malware.Generickdz-9918324-0
Kaspersky: Trojan.Win32.Small.acli
BitDefender: Trojan.GenericKDZ.96072
NANO-Antivirus: Trojan.Win32.Mudrop.kinhhi
Tencent: Trojan.Win32.Small.za
Emsisoft: Trojan.GenericKDZ.96072 (B)
F-Secure: Trojan.TR/Proxy.Gen
DrWeb: Trojan.DownLoader8.56532
VIPRE: Trojan.GenericKDZ.96072
Trapmine: malicious.high.ml.score
Sophos: Mal/Behav-104
Jiangmin: TrojanDropper.Mudrop.cbn
Varist: W32/Agent.KKQN-1264
Avira: TR/Proxy.Gen
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.Small
Kingsoft: malware.kb.a.1000
Microsoft: Trojan:Win32/MyDoom!pz
Arcabit: Trojan.Generic.D17748
ZoneAlarm: Trojan.Win32.Small.acli
GData: Win32.Trojan.PSE.1D508NL
Google: Detected
AhnLab-V3: Trojan/Win.Vindor.R590668
McAfee: W32/Mytob.gen@MM.i
VBA32: BScope.Trojan-Spy.Zbot
Malwarebytes: Generic.Malware.AI.DDS
Panda: W32/MyDoom.IC.worm
Rising: Worm.Agent!1.C364 (CLASSIC)
Yandex: Trojan.GenAsa!q1iGQt0wAtk
Ikarus: Trojan.Win32.Mydoom
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.NHB!worm
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Small.ACLI(dyn)

How to remove Mal/Behav-104?

Mal/Behav-104 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.