About “Mal/Shiz-A” infection

Mal/Shiz-A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Mal/Shiz-A virus do?

  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Binary file triggered a YARA rule
  • Anomalous binary characteristics
  • YARA detections observed in process dumps, payloads or dropped files

How to identify Mal/Shiz-A?

File Info:

name: 339BB987C4DC31967B40.mlw
path: /opt/CAPEv2/storage/binaries/c858f7cc08be726124d8357332dfaa7b0a1f38c7fc6fcba237dc220b859e4d32
crc32: D29632D7
md5: 339bb987c4dc31967b40abeaab9ebcd9
sha1: b77c361ae4b213e07a12f7d6234ae44dae311ad8
sha256: c858f7cc08be726124d8357332dfaa7b0a1f38c7fc6fcba237dc220b859e4d32
sha512: 684967b46bb12c97a9e06925dbe9086b86da65bb04803fad1777b3b6e216ae57e90f67d15983fc9fcafcecef1a906a51d2d17380b3709b2c3a5a522dbe51a069
ssdeep: 768:E5rlx55fEv5Cg6li1CiLjh+oQzMqR4EIcd3JH6I:Ylf5fzMIL4ERJaI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T121041933D651C397C2E436BF2B3062B8426E282C15649D5F974CF65E29E2FD15A3A306
sha3_384: c59b05772e661f9765ceba139ad86e54e8efa5f2562fb09c0a3d965d15880d75dd1fa6d0a3550668058c2c69d12dd969
ep_bytes: 558bec5668040100006808a4420033f6
timestamp: 2015-08-21 10:28:13

Version Info:

0: [No Data]

Mal/Shiz-A is also known as:

Bkav: W32.AIDetectMalware
AVG: Win32:Shifu-B [Trj]
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.luW@X!opzxm
CAT-QuickHeal: Trojan.MauvaiseRI.S5248200
Skyhigh: BehavesLike.Win32.Generic.cz
McAfee: GenericRXCU-BL!339BB987C4DC
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.Shifu.Win32.1748
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005b3dbb1 )
K7GW: Trojan ( 005b3dbb1 )
BitDefenderTheta: AI:Packer.5339556A1B
VirIT: Trojan.Win32.MulDrop7.BENL
Symantec: SMG.Heur!gen
ESET-NOD32: a variant of Win32/Spy.Shiz.NCR
Cynet: Malicious (score: 100)
APEX: Malicious
Avast: Win32:Shifu-B [Trj]
ClamAV: Win.Trojan.Gamarue-9832405-0
Kaspersky: Trojan-Banker.Win32.Shifu.eph
BitDefender: Gen:Trojan.Heur.luW@X!opzxm
Tencent: Trojan.Win32.Shifu.wb
Emsisoft: Gen:Trojan.Heur.luW@X!opzxm (B)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.MulDrop26.36932
VIPRE: Gen:Trojan.Heur.luW@X!opzxm
TrendMicro: TrojanSpy.Win32.SHIZ.SMTH
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.339bb987c4dc3196
Sophos: Mal/Shiz-A
Ikarus: Trojan-Spy.Win32.Shiz
Jiangmin: Trojan.Yakes.akc
Webroot: W32.Infostealer.Shifu
Varist: W32/Shifu.A.gen!Eldorado
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan[Spy]/Win32.Shiz
Kingsoft: malware.kb.a.1000
Microsoft: Trojan:Win32/Upatre!pz
Xcitium: TrojWare.Win32.Spy.Shiz.NCA@8m98i8
Arcabit: Trojan.Heur.E9EB51
ZoneAlarm: Trojan-Banker.Win32.Shifu.eph
GData: Win32.Trojan-Spy.Shiz.D
Google: Detected
AhnLab-V3: Trojan/Win.Shifu.R638606
Acronis: suspicious
VBA32: BScope.TrojanBanker.Shifu
ALYac: Gen:Trojan.Heur.luW@X!opzxm
TACHYON: Banker/W32.Shifu.180736
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TrojanSpy.Win32.SHIZ.SMTH
Rising: Trojan.Shifu!1.A8EF (CLASSIC)
Yandex: Trojan.GenAsa!zlrAhKZjOyI
MAX: malware (ai score=81)
MaxSecure: Banker.Shifu.EPA
Fortinet: W32/Shiz.NCR!tr.spy
DeepInstinct: MALICIOUS

How to remove Mal/Shiz-A?

Mal/Shiz-A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.