Midie.105496 (B) removal instructions

Malware Removal

Midie.105496 (B) is flagged as malicious by most of the antivirus engines listed further down this page. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan the computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing malware manually can take hours and may damage the system in the process. We recommend using GridinSoft Anti-Malware for removal; it allows a complete scan and clean-up of the PC during the trial period.
A 6-day free trial is available.

What can the Midie.105496 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Oriya
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family

How to identify Midie.105496 (B)?

File Info:

name: 1B48D1C049CD2798B1F9.mlw
path: /opt/CAPEv2/storage/binaries/8b95a9d4b7b5cc396ca4be7d584e4835706ce68955f533aa6adf5c606a9d2bc5
crc32: F0AA73E4
md5: 1b48d1c049cd2798b1f95a6f1ae356cc
sha1: d0f056de76e8476ad3a32605bd54f366ee085783
sha256: 8b95a9d4b7b5cc396ca4be7d584e4835706ce68955f533aa6adf5c606a9d2bc5
sha512: 8151b1fdda2bbcd7ff75b00431a5c3ecf091f17f3f8285e452d101b414b0eeaf109bab89c6bae5d9eb43c4a4612d7a7d9ef9ab8fc88a11ae2489c6614aa4255d
ssdeep: 6144:SmdKLZrmAOsrp+h/TgcufF/Dsp6ogGze867KzuxbhJ6uzbgwu6Qigak:BdK1CAlQufVDyeKzqJ6unn5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A864F03236BCC862D6B34D314865C7D55DBF7C529A20A06AE261678F2F32F9C46E131E
sha3_384: 08484451cb672e7b977d032a29539e65955bf49d67376639b5bff68abd59a78701fd1a075048b0c49db86a9f28ea6fcb
ep_bytes: e884340000e979feffffcccccccccccc
timestamp: 2021-03-13 14:25:41

Version Info:

InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkat
ProductVersion: 13.54.77.27
Translation: 0x0127 0x046a
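The static indicators in the behaviour list above (unknown PE section name, likely compressed or encrypted data, a missing or bad Authenticode signature) and the File Info block (hashes, entry-point bytes, compile timestamp) can be reproduced with a short standard-library Python script. The one below is an added example for this page, not code from GridinSoft, CAPE or the page's author. It builds a small PE32 image inline so that it runs offline; the section name "ab.c", the section layout and every hash it prints are properties of that constructed image and are assumptions for the demonstration, while the entry-point bytes and the compile timestamp are copied from the File Info above. Against a real file, call `triage(open(path, "rb").read())`.

```python
"""Static PE32 triage helper (added example; not GridinSoft's or CAPE's code).

Reproduces, with the standard library only, some of the static checks this page
lists: file hashes for IOC matching, standard vs. unknown section names, RWX
section flags, per-section entropy as a proxy for packed/encrypted data, presence
of an Authenticode security directory, and the raw entry-point bytes.
"""
import hashlib
import math
import struct
import zlib
from collections import Counter
from datetime import datetime, timezone

# Section names the common Windows linkers emit; anything else is reported,
# mirroring the "unknown PE section name indicative of packing" indicator.
STANDARD_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                     ".reloc", ".bss", ".tls", ".pdata", ".CRT", ".rodata"}
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
HIGH_ENTROPY = 7.0   # bits per byte; compressed or encrypted data sits close to 8.0
# sha256 the page lists for the real sample, used as the IOC to match against.
PAGE_SHA256 = "8b95a9d4b7b5cc396ca4be7d584e4835706ce68955f533aa6adf5c606a9d2bc5"


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def file_hashes(data: bytes) -> dict:
    """The digests the File Info block lists (crc32 as upper-case hex, md5, sha1, sha256)."""
    return {"crc32": f"{zlib.crc32(data):08X}", "md5": hashlib.md5(data).hexdigest(),
            "sha1": hashlib.sha1(data).hexdigest(), "sha256": hashlib.sha256(data).hexdigest()}


def triage(pe: bytes) -> dict:
    """Parse the DOS/COFF/optional headers and section table of a PE32 image; return findings."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    _machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", pe, coff)
    opt = coff + 20
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10b) images are handled here")
    entry_rva = struct.unpack_from("<I", pe, opt + 16)[0]
    # Data directory 4 is IMAGE_DIRECTORY_ENTRY_SECURITY, which points at the Authenticode blob.
    _sec_off, sec_size = struct.unpack_from("<II", pe, opt + 96 + 4 * 8)
    sections, findings, ep_bytes = [], [], ""
    for i in range(nsections):
        hdr = opt + opt_size + i * 40
        raw_name, vsize, vaddr, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", pe, hdr)
        name = raw_name.rstrip(b"\0").decode("ascii", "replace")
        body = pe[rawptr:rawptr + rawsize]
        info = {"name": name, "rwx": (chars & RWX) == RWX,
                "unknown_name": name not in STANDARD_SECTIONS, "entropy": round(entropy(body), 2)}
        sections.append(info)
        if info["unknown_name"]:
            findings.append(f"unknown section name {name!r} (packer-like)")
        if info["rwx"]:
            findings.append(f"section {name!r} is readable, writable and executable")
        if info["entropy"] >= HIGH_ENTROPY:
            findings.append(f"section {name!r} entropy {info['entropy']} (compressed or encrypted data?)")
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):     # map the EP RVA to a file offset
            ep_bytes = pe[rawptr + entry_rva - vaddr:][:16].hex()
    if sec_size == 0:
        findings.append("no Authenticode security directory (unsigned)")
    digests = file_hashes(pe)
    return {"hashes": digests, "ioc_match": digests["sha256"] == PAGE_SHA256,
            "timestamp": datetime.fromtimestamp(timestamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
            "ep_bytes": ep_bytes, "sections": sections, "findings": findings}


def build_sample_pe() -> bytes:
    """Constructed PE32 image (assumption for the demo): a normal .text section plus an RWX one."""
    ep_code = bytes.fromhex("e884340000e979feffffcccccccccccc")      # ep_bytes listed on the page
    text = ep_code + b"\xCC" * (0x200 - len(ep_code))               # int3 padding: low entropy
    blob = bytes(range(256)) * 4                                    # uniform bytes: entropy 8.0
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)              # e_lfanew points at 0x40
    ts = int(datetime(2021, 3, 13, 14, 25, 41, tzinfo=timezone.utc).timestamp())   # page timestamp
    coff = struct.pack("<HHIIIHH", 0x14C, 2, ts, 0, 0, 224, 0x0102)  # i386, 2 sections, PE32 opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                         # AddressOfEntryPoint
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)      # ImageBase, SectionAlign, FileAlign
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes; all entries zero

    def section(name, size, vaddr, rawptr, chars):
        return struct.pack("<8sIIIIIIHHI", name, size, vaddr, size, rawptr, 0, 0, 0, 0, chars)

    headers = (dos + b"PE\0\0" + coff + bytes(opt)
               + section(b".text", len(text), 0x1000, 0x200, 0x60000020)    # CODE | EXECUTE | READ
               + section(b"ab.c", len(blob), 0x2000, 0x400, 0xE0000040))   # INITIALIZED_DATA | RWX
    return headers.ljust(0x200, b"\0") + text + blob


if __name__ == "__main__":
    report = triage(build_sample_pe())
    print(f"sha256 {report['hashes']['sha256']}  page IOC match: {report['ioc_match']}")
    print(f"timestamp {report['timestamp']}  ep_bytes {report['ep_bytes']}")
    for s in report["sections"]:
        print(f"  {s['name']:<8} rwx={s['rwx']!s:<5} unknown={s['unknown_name']!s:<5} entropy={s['entropy']}")
    for f in report["findings"]:
        print("  !", f)
```

The security-directory check only reports whether an Authenticode blob is present; CAPE's "signature is invalid" verdict goes further and validates the certificate chain and the signed hash, which needs a tool such as signtool or osslsigncode. A non-standard section name, an RWX section and a section with entropy near 8.0 together make up the packing pattern the behaviour list describes; each on its own also appears in legitimate software (UPX-packed installers, for example), so treat them as triage signals, not verdicts.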

Midie.105496 (B) is also detected under the following names. Most of them are generic or heuristic verdicts, and the family labels disagree (RedLine from the CAPE sandbox, Lockbit from McAfee and Fortinet, Sabsik from Gridinsoft and Microsoft, Zenpak from Kaspersky), so treat the list as evidence that the file is malicious rather than as a definitive family attribution:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Multi.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.31749
MicroWorld-eScan: Gen:Variant.Midie.105496
FireEye: Generic.mg.1b48d1c049cd2798
ALYac: Gen:Variant.Midie.105496
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0056b2c51 )
K7GW: Trojan ( 0056b2c51 )
Cybereason: malicious.e76e84
BitDefenderTheta: Gen:NN.ZexaF.34084.uy0@aOYkNPQG
Cyren: W32/Kryptik.FWV.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNPP
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Zenpak.gen
BitDefender: Gen:Variant.Midie.105496
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Midie.105496
Sophos: ML/PE-A + Troj/Krypt-BO
TrendMicro: TROJ_GEN.R002C0PL921
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Emsisoft: Gen:Variant.Midie.105496 (B)
GData: Gen:Variant.Midie.105496
Jiangmin: Exploit.ShellCode.fwj
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Generic.ASMalwS.34E762B
Kingsoft: Win32.Troj.Undef.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.MalPE.R457381
Acronis: suspicious
McAfee: Lockbit-FSWW!1B48D1C049CD
VBA32: BScope.TrojanDropper.Convagent
Malwarebytes: Trojan.MalPack.GS
TrendMicro-HouseCall: TROJ_GEN.R002C0PL921
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Lockbit.FSWW!tr
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Midie.105496 (B)?

Midie.105496 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.
  • Because several engines classify this sample as a credential stealer (DrWeb: Trojan.PWS.Stealer, CAPE: RedLine), change any passwords that were saved in browsers or entered on the machine while it was infected, and do so from a clean device.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.