
Should I remove “Midie.104895”?


Midie.104895 is classified as dangerous by many security vendors (see the detection list below). While this infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
6-day free trial available.

What can the Midie.104895 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Spanish (Ecuador)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Detects Avast Antivirus through the presence of a library
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization

How to identify Midie.104895?

File Info:

name: BF998D5F7547F3639FEF.mlw
path: /opt/CAPEv2/storage/binaries/09453cc5b0f737388e58822f9850dd4dda8ae29f003ace0f6b4bd587b2cb01df
crc32: 6D32832B
md5: bf998d5f7547f3639fefb1b58559b5c7
sha1: 62aa040bf9b68f7b10ba860bc68c1d2469ec8f04
sha256: 09453cc5b0f737388e58822f9850dd4dda8ae29f003ace0f6b4bd587b2cb01df
sha512: 12a6cd225a9df60d35fb8c5ae9d430b36f9def6a42bf831cdf0c227bcfa0cc66e0db06f4cb52fedd6b027e4bf65e251cfc0a2d24c34c9479aee49f3410970194
ssdeep: 3072:xwBevEbJD3c+2oJExW9pQbLK92lDEa4UId2:XvEbF3c+22R7D2lfR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BFD3AD1176E0CC36E1F729302870D6A10A6BBC736A35858F37E422AF4FB06D199E6757
sha3_384: e3c1dda45ed98fb9409c371b9706563062519ab1d99954d2ddb7db9c226bcaf1a96b1dc1960325a1e9ab384af54fea2a
ep_bytes: e8172a0000e989feffff8bff558bec8b
timestamp: 2020-09-02 15:17:23

Version Info:

InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkat
ProductVersion: 13.54.77.27
Translation: 0x0114 0x046a

Midie.104895 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Stop.j!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader44.6604
MicroWorld-eScan: Gen:Variant.Midie.104895
FireEye: Generic.mg.bf998d5f7547f363
CAT-QuickHeal: Trojanransom.Stop
ALYac: Gen:Variant.Midie.104895
Malwarebytes: Trojan.MalPack
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 00584baa1 )
Alibaba: Trojan:Win32/Azorult.7daa7101
K7GW: Riskware ( 00584baa1 )
CrowdStrike: win/malicious_confidence_90% (W)
BitDefenderTheta: Gen:NN.ZexaF.34062.iq0@a8b!!DTG
Cyren: W32/Kryptik.FUG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNMA
TrendMicro-HouseCall: Trojan.Win32.SMOKELOADER.YXBK2Z
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Ransom.Win32.Stop.gen
BitDefender: Gen:Variant.Midie.104895
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Stop.Pjnl
Ad-Aware: Gen:Variant.Midie.104895
TrendMicro: Trojan.Win32.SMOKELOADER.YXBK2Z
SentinelOne: Static AI – Malicious PE
Emsisoft: Trojan.Crypt (A)
Ikarus: Trojan-Ransom.StopCrypt
Jiangmin: Trojan.Stop.cmx
Avira: TR/Redcap.xemmz
Kingsoft: Win32.Troj.Undef.(kcloud)
Gridinsoft: Malware.Win32.GenericMC.cc
Microsoft: Trojan:Win32/Azorult.RM!MTB
GData: Gen:Variant.Midie.104895
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.MalPE.R454658
Acronis: suspicious
McAfee: Lockbit-FSWW!BF998D5F7547
VBA32: TrojanRansom.Stop
Cylance: Unsafe
APEX: Malicious
Rising: Trojan.Kryptik!1.DAC3 (CLASSIC)
Yandex: Trojan.Kryptik!d2r7dCDeYow
MAX: malware (ai score=81)
eGambit: Unsafe.AI_Score_83%
Fortinet: W32/Lockbit.FSWW!tr
AVG: Win32:Malware-gen
Cybereason: malicious.bf9b68
Panda: Trj/GdSda.A

How to remove Midie.104895?

Midie.104895 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
