Midie.105486 (B) removal instruction

Malware Removal

Midie.105486 (B) is flagged as malicious by most of the antivirus engines listed further down this page. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a full scan and cleanup of your PC.
6-day free trial available.

What can the Midie.105486 (B) virus do?

The following behaviours were recorded by the CAPE sandbox when the sample was executed:

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Oriya
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Detects Avast Antivirus through the presence of a library
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization

How to identify Midie.105486 (B)?

File Info:

name: 45671C1FA5982B2BF28F.mlw
path: /opt/CAPEv2/storage/binaries/db302a6e7a4b8f28b585aae36497591257e033a7772a262ec9e39dc9385d9b86
crc32: D744DE8B
md5: 45671c1fa5982b2bf28fe5cbcddef397
sha1: a01839c05b284e376b2125b846ff60173957384a
sha256: db302a6e7a4b8f28b585aae36497591257e033a7772a262ec9e39dc9385d9b86
sha512: c87332858d57656aa0a369c2b9e6b573af3ae219cb87199bac2ebfb094b8518f30b2de48d24b2dbd0a8794a061337f7dee11664278a81a750b36a51ab294e6b1
ssdeep: 6144:rRFLeyMb1ottuzbgwu6L7ITsqSigaTwVfr:1FKStunnn7s
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T148348DF176AD8471D5632D308921CAA10B2BBC12D960A106F674679E1FB3BCC9EE531F
sha3_384: 46a9efd4d444990703d6b46382025344d739d4e0b69e9e08bbe364cb762f9c8f68bfd36b260d558bad053004b5ac68c2
ep_bytes: e884340000e979feffffcccccccccccc
timestamp: 2020-08-15 17:10:36

Version Info:

InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkat
ProductVersion: 13.54.77.27
Translation: 0x0127 0x046a
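The behaviour list above comes from a CAPE sandbox run, so most of its lines (the SetUnhandledExceptionFilter anti-debug trick, unpacking, RWX memory allocation, the Sandboxie and Avast library checks) are only observable at runtime. A few of the indicators can be checked statically, and comparing hashes is the first thing a responder does with a suspect file. The script below is an added example, not code from the original page, from GridinSoft or from CAPE: it compares a file's hashes with the ones listed in File Info, reads the COFF compile timestamp (the 2020-08-15 timestamp above predates the 2021 copyright string in Version Info, which is one reason to read the header yourself rather than trust the resource strings), lists section names outside a conventional set, flags sections whose characteristics are read+write+execute (a static analogue of the "Creates RWX memory" signature, which CAPE observes at runtime through memory allocation), and reports whether an Authenticode blob is present at all. The PE reader is a small hand-written parser rather than pefile, the CONVENTIONAL_SECTIONS set is an assumption, and build_sample_pe() assembles a constructed PE32 image so the script runs offline; that constructed image is not the sample discussed on this page.

```python
"""Static triage for a suspected Midie.105486 (B) sample.

Added example: not code from the original page, GridinSoft or CAPE.  The PE
reader is a deliberately small hand-written parser (no pefile), and
build_sample_pe() assembles a CONSTRUCTED PE32 image so the script runs offline.
"""
import hashlib
import struct
import sys
from datetime import datetime, timezone

# Hashes copied from the File Info section of the report.
KNOWN_HASHES = {
    "md5": "45671c1fa5982b2bf28fe5cbcddef397",
    "sha1": "a01839c05b284e376b2125b846ff60173957384a",
    "sha256": "db302a6e7a4b8f28b585aae36497591257e033a7772a262ec9e39dc9385d9b86",
}

# Assumption: section names a normal compiler/linker emits.  Anything else is
# worth a look (the report's "unknown PE section name indicative of packing").
CONVENTIONAL_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".pdata",
                         ".rsrc", ".reloc", ".bss", ".tls", ".CRT", ".gfids"}

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # data directory holding the Authenticode blob


def parse_pe(data: bytes) -> dict:
    """Return COFF timestamp, security-directory entry and section table of a PE."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, (symbol fields), SizeOfOptionalHeader
    n_sections, timestamp, opt_size = struct.unpack_from("<xxHI8xH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dd = 96 if magic == 0x10B else 112        # data directories start at +96 (PE32) or +112 (PE32+)
    n_dirs = struct.unpack_from("<I", data, opt + dd - 4)[0]
    sec_off = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from("<II", data, opt + dd + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(n_sections):
        # Section header: Name, (VirtualSize, VirtualAddress), SizeOfRawData, PointerToRawData, ..., Characteristics
        name, raw_size, raw_ptr, chars = struct.unpack_from("<8s8xII12xI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "raw_size": raw_size, "raw_ptr": raw_ptr, "characteristics": chars})
    return {"timestamp": timestamp, "security_dir": (sec_off, sec_size), "sections": sections}


def triage(data: bytes) -> dict:
    """Map the report's static indicators onto checks a responder can run on a file."""
    pe = parse_pe(data)
    hashes = {alg: hashlib.new(alg, data).hexdigest() for alg in KNOWN_HASHES}
    return {
        "matches_report": hashes["sha256"] == KNOWN_HASHES["sha256"],
        "hashes": hashes,
        "compile_time_utc": datetime.fromtimestamp(pe["timestamp"], tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "unknown_sections": [s["name"] for s in pe["sections"] if s["name"] not in CONVENTIONAL_SECTIONS],
        # Static analogue only: CAPE's "Creates RWX memory" is a runtime observation.
        "rwx_sections": [s["name"] for s in pe["sections"] if s["characteristics"] & RWX == RWX],
        # A non-zero size means a signature blob is present, not that it verifies.
        "has_authenticode_blob": pe["security_dir"][1] > 0,
    }


def build_sample_pe() -> bytes:
    """CONSTRUCTED PE32 image: a normal .text section plus a packer-style RWX section."""
    e_lfanew = 0x40
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", e_lfanew)
    sections = [(b".text", 0x60000020), (b".x0rz", 0xE0000040)]   # second one is read+write+execute
    opt_size = 0xE0                                    # PE32 optional header with 16 directories
    # TimeDateStamp 1597511436 = 2020-08-15 17:10:36 UTC, the compile time the report lists
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 1597511436, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)              # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                # NumberOfRvaAndSizes; security directory stays zero
    raw_ptr = 0x200                                    # the 392 header bytes fit in the first file page
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name, 0x200, 0x1000 * (i + 1), 0x200, raw_ptr + 0x200 * i, 0, 0, 0, 0, chars)
        for i, (name, chars) in enumerate(sections))
    headers = (dos + b"PE\0\0" + coff + bytes(opt) + table).ljust(raw_ptr, b"\0")
    return headers + bytes([0xCC]) * (0x200 * len(sections))   # section bodies: int3 filler


if __name__ == "__main__":
    import json
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    print(json.dumps(triage(data), indent=2))
```

Run it with a file path to triage a real sample; without one it triages the constructed image, which reports no hash match, the 2020-08-15 compile time, one unknown section that is also RWX, and no Authenticode blob. Presence of a security directory says nothing about validity: checking the signature chain needs signtool or osslsigncode, which is the kind of check behind the report's "Authenticode signature is invalid" line.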

Midie.105486 (B) is also known under the following names (antivirus engine: detection name). Note that several engines classify the sample as an information stealer (Raccoon, Trojan-Spy/Stealer), two as Lockbit, and many simply as a packed or encrypted binary (Kryptik, MalPack, Crypt):

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Stealer.l!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader44.13757
Cynet: Malicious (score: 100)
FireEye: Generic.mg.45671c1fa5982b2b
McAfee: Lockbit-FSWW!45671C1FA598
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0058b94e1 )
Alibaba: TrojanSpy:Win32/Raccoon.b35b93a7
K7GW: Trojan ( 0058b94e1 )
Cybereason: malicious.05b284
BitDefenderTheta: Gen:NN.ZexaF.34084.oy0@a01ooKJG
Cyren: W32/Kryptik.FWV.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNPO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
BitDefender: Gen:Variant.Midie.105486
MicroWorld-eScan: Gen:Variant.Midie.105486
Ad-Aware: Gen:Variant.Midie.105486
Emsisoft: Gen:Variant.Midie.105486 (B)
Sophos: Mal/Generic-S + Troj/Krypt-BO
Ikarus: Trojan.Win32.Crypt
GData: Win32.Trojan.PSE.1L145IR
Jiangmin: Exploit.ShellCode.fwj
Antiy-AVL: Trojan/Win32.Generic
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Raccoon.DE!MTB
AhnLab-V3: Trojan/Win.MalPE.R457259
Acronis: suspicious
VBA32: BScope.TrojanDropper.Convagent
ALYac: Gen:Variant.Midie.105486
MAX: malware (ai score=82)
Malwarebytes: Trojan.MalPack.GS
TrendMicro-HouseCall: TROJ_GEN.R002C0DL921
Rising: Trojan.Generic@ML.87 (RDML:F5RmUdJxaM4L9buyei0CfA)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Lockbit.FSWW!tr
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Midie.105486 (B)?

Midie.105486 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.