Mal/Generic-S + W32/OYSoul-Gen removal guide

Mal/Generic-S + W32/OYSoul-Gen is the Sophos detection name for this sample; nearly every other engine in the list further down flags it as malicious as well, most of them as a Win32 worm of the SoulClose (Fujacks) family. When the infection is active you may notice unfamiliar processes in Task Manager's process list. In that case it is advised to scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and can damage the system in the process. We recommend GridinSoft Anti-Malware for removal; the trial version lets you run a full scan and clean the PC.
A 6-day free trial is available.

What can Mal/Generic-S + W32/OYSoul-Gen do?

The sandbox run (CAPEv2, per the storage path in the file info) reported the following static and behavioural indicators:

  • Behavioural detection: executable code extraction (unpacking)
  • SetUnhandledExceptionFilter called (possible anti-debugging)
  • YARA rule matches observed in a process memory dump, dropped files, or CAPE-extracted payloads
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name, indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX (the entry-point bytes 60 be ... 57 83 cd ff listed in the file info are the standard 32-bit UPX decompression stub: pushad; mov esi, src; lea edi, [esi+delta]; push edi; or ebp, -1)
  • The Authenticode signature is invalid
  • Uses Windows utilities for basic functionality

How to identify Mal/Generic-S + W32/OYSoul-Gen?

File Info:

name: 8E396D6EA2015A72E0BC.mlw
path: /opt/CAPEv2/storage/binaries/7e1e7c0f9fd9109188ed089a8d8b5cc5f1d0c8e9a23c9379d78d71614d148fc0
crc32: 9056A94F
md5: 8e396d6ea2015a72e0bcf25590d7d399
sha1: bd7af29068d448573847748862ba86772789a742
sha256: 7e1e7c0f9fd9109188ed089a8d8b5cc5f1d0c8e9a23c9379d78d71614d148fc0
sha512: 6c1cf433299f368273b53b18f3bb5936344f5eb7208e5ef7f396f2c4e1335a2e038709ee8ceb49f7a5eefc416b33d26d3071a33301e79d9d178fdb867146398c
ssdeep: 49152:8HjOhqCkIgekqxLwlREMdPmQ+QVeGZr5AywvEzZ2WFeZkP9aiK:j18ekqxLpcrqf8NzFeZkP9aiK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1ABE58E22E6A0C0A5D42EC4798586F675C2717C016F368EF7E5997B0E2E336E15D3C32A
sha3_384: 5d4d5f1b974cc905125949b3ddf2149c492a4304db501240406aff9c789d31b7a7a5b12fdddbb547a73f84c50b6d80d7
ep_bytes: 60be003041008dbe00e0feff5783cdff
timestamp: 2008-06-09 03:48:26

Version Info:

Translation: 0x0804 0x04b0
CompanyName: 2146
ProductName:
FileVersion: 1.00
ProductVersion: 1.00
InternalName: avp
OriginalFilename: avp.exe

The translation value 0x0804 is Chinese (Simplified), consistent with the two language indicators above, and OriginalFilename avp.exe is the name of the main Kaspersky Anti-Virus process. Since the Authenticode signature is invalid, treat the name as spoofed rather than as any evidence that the file belongs to a security product.
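The file-info and version-info fields above are what a static triage script checks first. The following Python script is an added example written for this page, not code from the original article, from GridinSoft or from CAPE: it hashes a file and compares the digests with the MD5/SHA-1/SHA-256 listed above, walks the PE headers to recover the compile timestamp, section names and the 16 bytes at the entry point, flags section names a normal linker does not emit, and decodes the standard 32-bit UPX entry stub (pushad; mov esi, src; lea edi, [esi+delta]; push edi; or ebp, -1) that the page's ep_bytes value matches. Because the real sample is not shipped with the page, `build_sample_pe()` constructs a synthetic, non-runnable PE32 that carries the same ep_bytes, UPX section names and timestamp; its hashes therefore do not match the published ones, and the script reports exactly that. The `COMMON_SECTIONS` list and the synthetic section layout are this example's own assumptions.

```python
"""Static triage for a suspect PE, mirroring the indicators on this page:
file hashes, PE timestamp, section names, entry-point bytes and the UPX stub.
Added example for this page; not the article's, GridinSoft's or CAPE's code."""
import hashlib
import struct
from datetime import datetime, timezone

# Hashes published in the File Info block of the page.
KNOWN_HASHES = {
    "md5": "8e396d6ea2015a72e0bcf25590d7d399",
    "sha1": "bd7af29068d448573847748862ba86772789a742",
    "sha256": "7e1e7c0f9fd9109188ed089a8d8b5cc5f1d0c8e9a23c9379d78d71614d148fc0",
}
PAGE_EP_BYTES = bytes.fromhex("60be003041008dbe00e0feff5783cdff")
# Assumption for this example: section names a normal compiler/linker emits.
# Anything else counts as "unknown", in the sense of the CAPE signature.
COMMON_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                   ".edata", ".bss", ".tls", ".pdata", "CODE", "DATA", "BSS"}


def decode_upx_stub(ep: bytes):
    """Match the classic UPX 32-bit entry stub
        60            pushad
        BE imm32      mov  esi, <compressed data VA>
        8D BE disp32  lea  edi, [esi + disp]      ; unpack destination
        57            push edi
        83 CD FF      or   ebp, -1
    and return (source VA, destination VA), or None if it does not match."""
    if (len(ep) < 16 or ep[0] != 0x60 or ep[1] != 0xBE or ep[6:8] != b"\x8d\xbe"
            or ep[12] != 0x57 or ep[13:16] != b"\x83\xcd\xff"):
        return None
    src = struct.unpack_from("<I", ep, 2)[0]
    delta = struct.unpack_from("<i", ep, 8)[0]          # signed displacement
    return src, (src + delta) & 0xFFFFFFFF


def parse_pe(data: bytes) -> dict:
    """Minimal PE32 reader: compile timestamp, section names, entry-point bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ/PE file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    _, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                         # optional header start
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled here")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    sections, ep_bytes = [], b""
    for i in range(nsec):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", data, opt + opt_size + 40 * i)
        sections.append(name.rstrip(b"\0").decode("ascii", "replace"))
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):   # RVA -> file offset
            off = rawptr + (entry_rva - vaddr)
            ep_bytes = data[off:off + 16]
    stamp = datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")
    return {"timestamp": stamp, "entry_rva": entry_rva,
            "sections": sections, "ep_bytes": ep_bytes}


def triage(data: bytes) -> dict:
    """Hash the file, compare with the published IOCs and report packing indicators."""
    hashes = {a: hashlib.new(a, data).hexdigest() for a in KNOWN_HASHES}
    pe = parse_pe(data)
    return {
        "hashes": hashes,
        "known_sample": any(hashes[a] == KNOWN_HASHES[a] for a in KNOWN_HASHES),
        "timestamp": pe["timestamp"],
        "unknown_sections": [s for s in pe["sections"] if s not in COMMON_SECTIONS],
        "upx_sections": [s for s in pe["sections"] if s.startswith("UPX")],
        "ep_bytes": pe["ep_bytes"].hex(),
        "upx_stub": decode_upx_stub(pe["ep_bytes"]),
    }


def build_sample_pe() -> bytes:
    """Construct a minimal, non-runnable PE32 carrying the page's ep_bytes, UPX
    section names and PE timestamp so the triage can be exercised offline.
    Synthetic stand-in built for this example, not the real sample."""
    ts = int(datetime(2008, 6, 9, 3, 48, 26, tzinfo=timezone.utc).timestamp())
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)             # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 3, ts, 0, 0, 0xE0, 0x102)  # i386, 3 sections
    opt = struct.pack("<H", 0x10B) + b"\0" * 14 + struct.pack("<I", 0x31000)  # PE32, entry RVA
    opt += b"\0" * (0xE0 - len(opt))
    sec = struct.Struct("<8sIIIIIIHHI")
    sections = (sec.pack(b"UPX0", 0x30000, 0x1000, 0, 0x400, 0, 0, 0, 0, 0xE0000080)
                + sec.pack(b"UPX1", 0x11000, 0x31000, 0x200, 0x400, 0, 0, 0, 0, 0xE0000040)
                + sec.pack(b".rsrc", 0x1000, 0x42000, 0, 0x600, 0, 0, 0, 0, 0xC0000040))
    headers = dos + b"PE\0\0" + coff + opt + sections
    headers += b"\0" * (0x400 - len(headers))
    upx1 = PAGE_EP_BYTES + b"\0" * (0x200 - len(PAGE_EP_BYTES))    # raw data of UPX1
    return headers + upx1


if __name__ == "__main__":
    for key, value in triage(build_sample_pe()).items():
        print(f"{key}: {value}")
```

Run it on a real file with `triage(open(path, "rb").read())`. Decoding the stub on the page's own ep_bytes gives a source VA of 0x413000 and a destination VA of 0x401000: the stub copies the compressed UPX1 data down to the start of UPX0 at ImageBase + 0x1000, which is the usual layout for a 0x400000-based 32-bit image, and it is why the unpacked code only exists in memory after the stub has run.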

Mal/Generic-S + W32/OYSoul-Gen is also known as (vendor: detection name):

Bkav: W32.FamVT.VB.SoulPack.PE
Elastic: malicious (high confidence)
FireEye: Generic.mg.8e396d6ea2015a72
ALYac: Win32.Worm.SoulClose.C
Cylance: Unsafe
VIPRE: Virus.Win32.Soulclose.a (v)
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0015e4f01 )
BitDefender: Win32.Worm.SoulClose.C
K7GW: Riskware ( 0015e4f01 )
Cybereason: malicious.ea2015
BitDefenderTheta: AI:Packer.93ADAC2E20
Cyren: W32/Worm.Soul.gen!Eldorado
Symantec: W32.Fujacks.C
ESET-NOD32: Win32/VB.NOY
Baidu: Win32.Worm.VB.bc
TrendMicro-HouseCall: TROJ_GEN.R03BC0CAC22
Avast: Win32:VB-JGI
Cynet: Malicious (score: 100)
Kaspersky: Virus.Win32.VB.lc
NANO-Antivirus: Virus.Win32.VB.bpcbgk
MicroWorld-eScan: Win32.Worm.SoulClose.C
Rising: Spyware.Zbot!1.648A (RDMK:cmRtazqLDg4ulrx7OkcIBzYKfc32)
Ad-Aware: Win32.Worm.SoulClose.C
Sophos: Mal/Generic-S + W32/OYSoul-Gen
Comodo: Worm.Win32.VB.NOY@bf0m
DrWeb: Win32.HLLP.Soul
Zillya: Virus.VB.Win32.177
TrendMicro: TROJ_GEN.R03BC0CAC22
McAfee-GW-Edition: BehavesLike.Win32.Dropper.wh
Emsisoft: Win32.Worm.SoulClose.C (B)
APEX: Malicious
Jiangmin: Worm.Generic.vk
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASBOL.21
Microsoft: Virus:Win32/Soulclose.A
SUPERAntiSpyware: Worm.SoulClose
GData: Win32.Worm.SoulClose.C
SentinelOne: Static AI – Malicious PE
AhnLab-V3: Win32/Soulclose.X1317
McAfee: Artemis!8E396D6EA201
MAX: malware (ai score=86)
VBA32: Trojan.VBRA.07562
Malwarebytes: Malware.AI.4289551135
Tencent: Malware.Win32.Gencirc.10b40d68
Yandex: Worm.VB!y/pweIhDvLs
MaxSecure: Virus.W32.VB.lc
Fortinet: W32/VB.NOY!worm
AVG: Win32:VB-JGI
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Mal/Generic-S + W32/OYSoul-Gen?

Mal/Generic-S + W32/OYSoul-Gen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the options you want, then click “Reset”.
  • Restart the computer.

Several engines in the list above classify the sample as a file infector rather than a plain dropper (Kaspersky's Virus.Win32.VB.lc, Dr.Web's Win32.HLLP.Soul and Symantec's W32.Fujacks.C all use their file-infector naming). After the scan, also re-scan any removable drives and network shares that were attached to the machine, and check that legitimate executables reported as infected were disinfected or restored from a known-good copy rather than left in place.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.