
Midie.100502 removal tips


Midie.100502 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Midie.100502 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the embedded pe malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Midie.100502?


File Info:

name: 5BA1E648182CC2100DB2.mlw
path: /opt/CAPEv2/storage/binaries/072db09359ad34a39f5620c7865f6f1d3c4ac27f31c035a808eecfb928530ecf
crc32: E16C0B09
md5: 5ba1e648182cc2100db2f4fdf132fb7d
sha1: ceb26d851ebd99fab354242f06907ba46a9ffa83
sha256: 072db09359ad34a39f5620c7865f6f1d3c4ac27f31c035a808eecfb928530ecf
sha512: 7dfb324c722f9c6e325bbbfc4ffdd17d7b3ba3d2922ea3e447e02be63488149af0892ecc6250275a91a4134a8e0eaf8ce9a39d44bb419bade499396a89f53986
ssdeep: 768:zyr8hyt4pd04q0zik+vhy7g0EM/LinbQeHoEsED9:ekeEn3+pCg0EUGQeIEVD9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1ABE3625FB3466699DE7950F426CD63D62CE2C5FC8623C291DB74A089F92CE2F0D0099B
sha3_384: 24aef1a084574d3097e4248ff507f0ee5505e6fa87649139f67487a4081eff4b9ffac41f28aa9f57a5a750aa16bd77dd
ep_bytes: 6878114000e8f0ffffff000000000000
timestamp: 2010-11-24 12:39:24

Version Info:

Translation: 0x0409 0x04b0
ProductName: iiXXuO
FileVersion: 8.90
ProductVersion: 8.90
InternalName: iiXXu
OriginalFilename: iiXXu.exe

Midie.100502 also known as:

Bkav: W32.AIDetectMalware
Lionic: Worm.Win32.VBNA.li7E
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Midie.100502
FireEye: Generic.mg.5ba1e648182cc210
CAT-QuickHeal: Worm.VBNA.gen
Skyhigh: BehavesLike.Win32.VBObfus.cm
McAfee: Downloader-CJX.gen.l
Cylance: unsafe
VIPRE: Gen:Variant.Midie.100502
Sangfor: Suspicious.Win32.Save.vb
Alibaba: Worm:Win32/vobfus.1030
K7GW: Trojan ( 001f4fd41 )
K7AntiVirus: Trojan ( 001f4fd41 )
Baidu: Win32.Worm.VB.al
VirIT: Trojan.Win32.Generic.ALMT
Symantec: W32.Changeup
Elastic: malicious (high confidence)
ESET-NOD32: Win32/AutoRun.VB.XA
APEX: Malicious
TrendMicro-HouseCall: WORM_VOBFUS.SMIC
Paloalto: generic.ml
ClamAV: Win.Trojan.VB-1549
Kaspersky: Worm.Win32.VBNA.brqy
BitDefender: Gen:Variant.Midie.100502
NANO-Antivirus: Trojan.Win32.VBKrypt.dzolqd
SUPERAntiSpyware: Trojan.Agent/Gen-FakeAlert
Avast: Win32:AutoRun-BRC [Trj]
Tencent: Worm.Win32.VBNA.hc
Emsisoft: Gen:Variant.Midie.100502 (B)
F-Secure: Worm:W32/Vobfus.AX
DrWeb: Win32.HLLW.Autoruner.36323
TrendMicro: WORM_VOBFUS.SMIC
Trapmine: malicious.high.ml.score
Sophos: Mal/SillyFDC-D
Ikarus: Trojan.Win32.Otran
Jiangmin: Worm/VBNA.gxny
Google: Detected
Avira: TR/Otran.AA
Varist: W32/Vobfus.L.gen!Eldorado
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: malware.kb.a.1000
Microsoft: Worm:Win32/Vobfus.AM
Xcitium: Worm.Win32.VB.ww@2ajsup
Arcabit: Trojan.Midie.D18896
ViRobot: Worm.Win32.A.VBNA.143360.AAR
ZoneAlarm: Worm.Win32.VBNA.brqy
GData: Gen:Variant.Midie.100502
Cynet: Malicious (score: 100)
AhnLab-V3: Worm/Win32.VBNA.R6556
BitDefenderTheta: AI:Packer.F7047E0F20
ALYac: Gen:Variant.Midie.100502
MAX: malware (ai score=87)
VBA32: SScope.Trojan.VBRA.5166
Malwarebytes: Generic.Malware.AI.DDS
Panda: W32/Vobfus.FL
Rising: Trojan.Win32.VBCode.cbs (CLASSIC)
Yandex: Trojan.GenAsa!DJXzsFP6hFw
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/AutoRun.XM!worm
AVG: Win32:AutoRun-BRC [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Vobfus.08eddb94

How to remove Midie.100502?

Midie.100502 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
