MemScan:Trojan.Prepender.G (file analysis)

The MemScan:Trojan.Prepender.G is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MemScan:Trojan.Prepender.G virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine MemScan:Trojan.Prepender.G?


File Info:
name: 95EA20DEF27E1728819D.mlw
path: /opt/CAPEv2/storage/binaries/208ed87fbaeb0def5fc369a32810d1a8de50e984da4e206d6e2775ea67ab98da
crc32: 7B815B76
md5: 95ea20def27e1728819deaba772c954b
sha1: f9f0f52cae37c7ac1bf358949416590f3d4ee7fc
sha256: 208ed87fbaeb0def5fc369a32810d1a8de50e984da4e206d6e2775ea67ab98da
sha512: 158c8bb283e9da589e72ed222d0d14cdf117592528e4136b4ff0365f78176a35be3129455149eb6bb976a56e5151ab314f2e873e8a99f47e8dec656e2f3718c5
ssdeep: 6144:BQXAzFC0j+eJ5tULCEkDL7lKbAlMg/yzNGp/Emt9fNPRdEtLLsjG2gphOi:hjEsBlMeL9B8/sjG2wOi
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F1D4D6009FF7A2B6EEA3E530077C72314665FD21072B92CB4A41E7699C366D1BA71372
sha3_384: 52dc8edf234d17ce3e346122716dc698450637149e587f9acec7b30ad1f05d939631e9437c2b1735092a05fe9229a2b6
ep_bytes: 
timestamp: 2008-04-13 18:36:08

Version Info:
0: [No Data]

MemScan:Trojan.Prepender.G also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Shohdi.4!c
Skyhigh	Artemis
Sangfor	Suspicious.Win32.Save.ins
VirIT	Win32.Shohdi.A
Sophos	Generic ML PUA (PUA)
VIPRE	MemScan:Trojan.Prepender.G
Google	Detected
Antiy-AVL	Virus/Win32.Shohdi.b
VBA32	Virus.Shohdi.2120A
ALYac	MemScan:Trojan.Prepender.G
Malwarebytes	Generic.Malware.AI.DDS
Rising	Virus.Shodi!1.9B9C (CLASSIC)
Ikarus	Trojan.Patched
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Shodi.I!tr
DeepInstinct	MALICIOUS

How to remove MemScan:Trojan.Prepender.G?

MemScan:Trojan.Prepender.G removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X