MemScan:Trojan.Generic.62525 removal instruction

MemScan:Trojan.Generic.62525 is considered dangerous by many security experts. While this infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the MemScan:Trojan.Generic.62525 virus do?

  • Yara rule detections observed in a process memory dump, dropped files, or CAPE output
  • HTTPS URLs observed during behavioural analysis
  • Attempts to modify Internet Explorer’s start page
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Attempts to identify installed AV products by registry key
  • Attempts to modify proxy settings

How to identify MemScan:Trojan.Generic.62525?

File Info:

name: 657FABCB9803EDA02894.mlw
path: /opt/CAPEv2/storage/binaries/d5685dfee1aa30e1df13e0592deadfb9312863c6063330ec67a1f2f2eda54bc7
crc32: 01628516
md5: 657fabcb9803eda028948c584d99ac0f
sha1: cf9fc9c7d5daca76dff4efaddb307f4e8a9dc6b2
sha256: d5685dfee1aa30e1df13e0592deadfb9312863c6063330ec67a1f2f2eda54bc7
sha512: 80c3caa243936ace8e8ca975eaef93bbbc765988bf9e4ee2a76b57d17244cd7f9850295647d70528547a398475868dda06b805fc18992ee134727e38427a29bb
ssdeep: 1536:i7Sd58O1HWrblE0jsxMQRQuIZ+aMmt4JL3CUAGD6W5KkMh6vg2P5jyRzsWKOM:i79ltQRclJt4hyp2KJhUDZmwWKf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D8B3F1327881D27BD59240B110BAAB05A77B714507B282D3AE4471EA9FB3393B97F607
sha3_384: 3bfe19512f8a076d6cbab05c1b3e0a5f17f66d7d200140504230b2156f23583c5d1f25ab692e100a5763494e4f2dc09f
ep_bytes: 6a6068a0614000e8df0d0000bf940000
timestamp: 2007-09-03 05:14:52

Version Info:

0: [No Data]

MemScan:Trojan.Generic.62525 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Agent.4!c
MicroWorld-eScan: MemScan:Trojan.Generic.62525
ClamAV: Win.Trojan.Agent-55626
CMC: Generic.Win32.657fabcb98!MD
ALYac: MemScan:Trojan.Generic.62525
VIPRE: MemScan:Trojan.Generic.62525
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Hacktool ( 0052871a1 )
K7GW: Hacktool ( 0052871a1 )
Cybereason: malicious.b9803e
Cyren: W32/Trojan.ESPN-1427
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: multiple detections
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Agent.bgm
BitDefender: MemScan:Trojan.Generic.62525
NANO-Antivirus: Trojan.Win32.Agent.cwwzo
Avast: Win32:Agent-LYZ [Trj]
Ad-Aware: MemScan:Trojan.Generic.62525
Emsisoft: MemScan:Trojan.Generic.62525 (B)
Comodo: Malware@#1fka9929h1qoc
DrWeb: Trojan.EmailSpy
Zillya: Trojan.Agent.Win32.781246
TrendMicro: TROJ_AGENT.ZCS
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.ch
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.657fabcb9803eda0
Sophos: Mal/Generic-R
SentinelOne: Static AI – Suspicious PE
GData: MemScan:Trojan.Generic.62525
Jiangmin: Trojan/Agent.lfe
Webroot: Trojan:Win32/Lodap!rts
Avira: TR/Agent.atz.2
Antiy-AVL: Trojan/Generic.ASMalwS.2D
Kingsoft: Win32.Troj.Generic.a.(kcloud)
Arcabit: Trojan.Generic.DF43D
ViRobot: Trojan.Win32.Agent.110592
Microsoft: PWS:Win32/Zbot!ml
Google: Detected
McAfee: Artemis!657FABCB9803
VBA32: Trojan.Agent
TrendMicro-HouseCall: TROJ_AGENT.ZCS
Rising: Trojan.DL.Win32.Delf.yuf (CLOUD)
Yandex: Trojan.GenAsa!VtYAha9hOLA
Ikarus: Virus.Virut
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.BGM!tr
BitDefenderTheta: AI:Packer.94C4DC6C1C
AVG: Win32:Agent-LYZ [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove MemScan:Trojan.Generic.62525?

MemScan:Trojan.Generic.62525 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
