MalCert-S.CQ (A) removal tips

MalCert-S.CQ (A) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MalCert-S.CQ (A) virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Creates a hidden or system file
  • Attempts to create or modify system certificates
  • Anomalous binary characteristics

Related domains:

i.imgur.com

How to identify MalCert-S.CQ (A)?


File Info:

crc32: 140DE48F
md5: 60d1abd05c1ba955d167bdc1118018b4
name: upload_file
sha1: ffc97fcf9611a0fe880cbaffff1be1d6fbf60fb1
sha256: 4da8564def807d49cf9d45fcad3e9201344732a49aea4261ab05b8b43cb3adae
sha512: 8ffdfb56e5e4f98fdea66b64876e584a5c2547fb1890969de6053421ae4e7408bdb93d5fb68f0edb0149974783b0d320c76b00ec0f7903570c5102df3441b97e
ssdeep: 24576:4I+nN/3iMvbMVqGtWdne/F9kG8Mlp++kFvSsfVU:4I+nByMp9eweyzfVU
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

LegalCopyright:
InternalName: WinLicense
FileVersion: 3.3.2.2
CompanyName: WinLicense
LegalTrademarks:
Comments:
ProductName:
ProductVersion: 1.1.1.2
FileDescription: Professional Software Protection
OriginalFilename:
Translation: 0x400a 0x04e4

MalCert-S.CQ (A) also known as:

DrWeb: BackDoor.Rat.293
MicroWorld-eScan: Trojan.GenericKD.44149497
McAfee: Artemis!60D1ABD05C1B
VIPRE: Trojan.Win32.Generic!BT
BitDefender: Trojan.GenericKD.44149497
Arcabit: Trojan.Generic.D2A1AAF9
Invincea: Mal/Generic-S
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/GenCBL.BZ
Kaspersky: HEUR:Backdoor.Win32.Konus.gen
Alibaba: Backdoor:Win32/GenCBL.55521ad3
Ad-Aware: Trojan.GenericKD.44149497
Emsisoft: MalCert-S.CQ (A)
Comodo: fls.noname@0
F-Secure: Trojan.TR/Bulta.nclqo
McAfee-GW-Edition: Artemis!Trojan
FireEye: Trojan.GenericKD.44149497
Sophos: Mal/Generic-S
Avira: TR/Bulta.nclqo
Microsoft: TrojanDownloader:O97M/Obfuse.TB!MTB
ZoneAlarm: HEUR:Backdoor.Win32.Konus.gen
GData: Trojan.GenericKD.44149497
ALYac: Trojan.GenericKD.44149497
MAX: malware (ai score=83)
VBA32: BScope.Backdoor.Rat
Ikarus: Trojan.Win32.Gencbl
Fortinet: W32/GenCBL.BZ!tr
Webroot: W32.Trojan.Gen
AVG: Win32:DangerousSig [Trj]
Avast: Win32:DangerousSig [Trj]
Qihoo-360: Win32/Trojan.9ad

How to remove MalCert-S.CQ (A)?

MalCert-S.CQ (A) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.