Malware

Midie.105607 (B) malicious file

Malware Removal

The Midie.105607 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Midie.105607 (B) virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Expresses interest in specific running processes
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Polish
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Tries to unhook or modify Windows functions monitored by Cuckoo

How to determine Midie.105607 (B)?



File Info:

name: 9FC0206115AE3F8CAE59.mlw
path: /opt/CAPEv2/storage/binaries/d1368a683db620159e82e73940566219a539ec91ea382463f64f0ce8f8ae22e0
crc32: 38C69ED3
md5: 9fc0206115ae3f8cae5962b9c6a1e3da
sha1: ad2017ef5d980a2110022a724335721804be3d8a
sha256: d1368a683db620159e82e73940566219a539ec91ea382463f64f0ce8f8ae22e0
sha512: 30ceb4841e4075afd1b095907320480b38ee6ebb67ada09c1bf5c8431c6303ff585b8fefc8480fd6e126efaff764efb17a2454ffa0f10974ed6930c6e2c1ee61
ssdeep: 3072:IhaihMssJRjDnHkRh0vG8/xVVIuu4JHXkp+fsunnjmSHbRe9H5Toy9FU4otPg+:KaMRsJZLHkExVV7lkp+rj/tEZTLU4h
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A2342A2CE97A656BD9B14CF18293C3C67A070D58F7608DB325E06A0B329D5072CDB7E6
sha3_384: f5f2efd735030ff76fac9cfe16484767b10fbe7407a80044a3fcfe46ef17b0a7b3d0dc28404b2c594763f852bd71e9c7
ep_bytes: 558bec6aff68b08e4200685068420064
timestamp: 2004-09-15 20:26:02


Version Info:

Comments: dearth fevered
CompanyName: zoneLINK
FileDescription: dots exceptionally
FileVersion: 150, 68, 33, 35
InternalName: coasted desperately
LegalCopyright: capitalist flushes
LegalTrademarks: censure foreigners
OriginalFilename: erratic.exe
PrivateBuild: convicting
ProductName: dwindle flickered
ProductVersion: 239, 100, 116, 108
SpecialBuild: fish

Midie.105607 (B) also known as:

LionicTrojan.Win32.Generic.4!c
Elasticmalicious (high confidence)
CynetMalicious (score: 99)
FireEyeGeneric.mg.9fc0206115ae3f8c
McAfeeObfuscated-FAAH!9FC0206115AE
CylanceUnsafe
VIPRETrojan.Win32.Generic!BT
SangforTrojan.Win32.Generic.ky
K7AntiVirusTrojan ( 004bdf531 )
AlibabaTrojan:Win32/Tinba.acb40e9b
K7GWTrojan ( 004bdf531 )
Cybereasonmalicious.115ae3
VirITTrojan.Win32.Crypt4.XHW
CyrenW32/S-104687bc!Eldorado
SymantecTrojan.Tinba!gm
ESET-NOD32Win32/Tinba.BK
APEXMalicious
Paloaltogeneric.ml
KasperskyHEUR:Trojan.Win32.Tinba.pef
BitDefenderGen:Variant.Midie.105607
NANO-AntivirusTrojan.Win32.Tinba.dreczt
MicroWorld-eScanGen:Variant.Midie.105607
AvastWin32:GenMalicious-KOE [Trj]
TencentMalware.Win32.Gencirc.10b2478e
Ad-AwareGen:Variant.Midie.105607
EmsisoftGen:Variant.Midie.105607 (B)
ComodoTrojWare.Win32.Tinba.GN@79b15x
DrWebTrojan.PWS.Tinba.153
ZillyaTrojan.Tinba.Win32.1635
TrendMicroTROJ_GEN.R002C0PAH22
McAfee-GW-EditionBehavesLike.Win32.Emotet.dh
SophosML/PE-A + Mal/Tinba-I
IkarusTrojan.Win32.Tinba
GDataWin32.Trojan.PSE.ZURO33
JiangminTrojan/Banker.Tinba.ank
AviraHEUR/AGEN.1137088
GridinsoftRansom.Win32.Sabsik.sa
ArcabitTrojan.Midie.D19C87
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
TACHYONBanker/W32.Tinba.248320
AhnLab-V3Trojan/Win32.Dynamer.R150542
BitDefenderThetaGen:NN.ZexaF.34160.pq0@aGLTO8eO
ALYacGen:Variant.Midie.105607
MAXmalware (ai score=81)
MalwarebytesTrojan.Tinba
TrendMicro-HouseCallTROJ_GEN.R002C0PAH22
RisingSpyware.Tinba!8.11177 (CLOUD)
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Deshacop.XO!tr
AVGWin32:GenMalicious-KOE [Trj]
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Midie.105607 (B)?

Midie.105607 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment