Midie.104874 removal tips

Midie.104874 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Midie.104874 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Urdu (India)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

How to identify Midie.104874?

File Info:

name: 8A209965F6E7A618F65E.mlw
path: /opt/CAPEv2/storage/binaries/6d189e15389956a9e338c08d4912dc94476314fff25d24583a798e126ff6adb2
crc32: 38D43E9C
md5: 8a209965f6e7a618f65e73d6bae43a36
sha1: 3e53c7eecd0a6aeae41ed841ea086312613ce3d4
sha256: 6d189e15389956a9e338c08d4912dc94476314fff25d24583a798e126ff6adb2
sha512: 6aa8a9603351e4654b7f0995fd3023bf1b0d1d111bd88646bd0d5297b03da7c38f35d91375ec9ee26c835e561726aff55accb85168b1a8ff3a82428d3e20c88f
ssdeep: 3072:nme2v8MnwQUirDMgVCk1U+D0+pLiRsdPeT1h20Au9KXHd2:z2vRnwGrgka+RxbFqTx59K0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F114DF267AF1C035D4B7563069F0DA610A3FB872277580BF27A4262E2F707D09AB5367
sha3_384: f9b5c2121cd53605406b8ae765b044e77839bd259414d32e8e360aa78ed1877ca04b9d16aad44c0712bf61371ee7b46d
ep_bytes: e8502a0000e989feffffcccccccccccc
timestamp: 2020-12-01 07:52:47

Version Info:

InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkat
ProductVersion: 13.54.77.27
Translation: 0x0114 0x046a

Midie.104874 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Midie.104874
FireEye: Generic.mg.8a209965f6e7a618
ALYac: Gen:Variant.Midie.104874
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005892fe1 )
K7GW: Trojan ( 005892fe1 )
Cybereason: malicious.ecd0a6
Cyren: W32/Kryptik.FUG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNLX
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
BitDefender: Gen:Variant.Midie.104874
Avast: Win32:CrypterX-gen [Trj]
Tencent: Trojan.Win32.BitCoinMiner.la
Ad-Aware: Gen:Variant.Midie.104874
Emsisoft: Gen:Variant.Midie.104874 (B)
DrWeb: Trojan.Siggen15.55057
McAfee-GW-Edition: BehavesLike.Win32.Emotet.ch
Sophos: ML/PE-A + Troj/Krypt-BO
Ikarus: Trojan-Ransom.StopCrypt
MAX: malware (ai score=89)
Gridinsoft: Ransom.Win32.STOP.sa
Microsoft: Trojan:Win32/Vidar.AA!MTB
GData: Win32.Trojan.BSE.11GYDBI
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.FSWW.R453694
Acronis: suspicious
McAfee: Lockbit-FSWW!8A209965F6E7
VBA32: Backdoor.Mokes
Malwarebytes: Trojan.MalPack.GS
TrendMicro-HouseCall: TROJ_GEN.R002H0CKQ21
Rising: Trojan.Generic@ML.92 (RDMK:cdaE2deBLBP9mtbESiLOdg)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.34294.mq0@am2yrzdG
AVG: Win32:CrypterX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Midie.104874?

Midie.104874 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
