
Midie.105961 (file analysis)


Midie.105961 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Midie.105961 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Midie.105961?


File Info:

name: 13A3E9C67D6C96152CEC.mlw
path: /opt/CAPEv2/storage/binaries/244b37cf921a5a661184edf4bb3e1fe59c1c6f98cd84f67e22aa224d1ea2d1a3
crc32: 89005C65
md5: 13a3e9c67d6c96152cec1e191c6bb55f
sha1: 4793774097765c5531057f796ee1ee50871d1e99
sha256: 244b37cf921a5a661184edf4bb3e1fe59c1c6f98cd84f67e22aa224d1ea2d1a3
sha512: f10006ec5a93d24ceab5ef3a6c6e9baa3b7f13ffed16a03fd4a2b017f228bad00b991704696340705df3a32cdb22092e16237084f054b4546ffdc5b50a7b9ef2
ssdeep: 1536:tEFDGueh5Jl82GIgD5DflN+dBphIiGsHRBD9NOW7PG3uvRlUD:tEFtwjM5fqXppSSOQHU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DC936CD26B8DACF2E55095FD07BF096B031E7C33C5C48B1B62C0179BE162B859AA135E
sha3_384: 7d3ca7e89fe680ef0cb8a730d9bd4f341bca7315b02a925e2adc6f5f931ba412e23cb02598d113ca6c2cfb2b43c18516
ep_bytes: 6810024100e8f0ffffff000000000000
timestamp: 2009-04-26 09:17:40

Version Info:

Translation: 0x0409 0x04b0
Comments: inSSIDer
CompanyName: inSSIDer
FileDescription: inSSIDer
LegalCopyright: inSSIDer
LegalTrademarks: inSSIDer
ProductName: inSSIDer
FileVersion: 4.00
ProductVersion: 4.00
InternalName: hosen
OriginalFilename: hosen.exe

Midie.105961 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Midie.105961
FireEye: Generic.mg.13a3e9c67d6c9615
ALYac: Gen:Variant.Midie.105961
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.1254188
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005892061 )
Alibaba: TrojanDownloader:Win32/GuLoader.60f51ac6
K7GW: Trojan ( 005892061 )
BitDefenderTheta: Gen:NN.ZevbaF.34114.fm0@aCPRG9bi
Cyren: W32/VB_Troj.CH.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.EQJD
TrendMicro-HouseCall: TROJ_GEN.R002C0DJJ21
Kaspersky: Trojan-Downloader.Win32.GuLoader.dk
BitDefender: Gen:Variant.Midie.105961
NANO-Antivirus: Trojan.Win32.GuLoader.jjjipb
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan-downloader.Guloader.Dxwt
Ad-Aware: Gen:Variant.Midie.105961
Emsisoft: Gen:Variant.Midie.105961 (B)
TrendMicro: TROJ_GEN.R002C0DJJ21
McAfee-GW-Edition: PWS-FCUB!13A3E9C67D6C
Sophos: Mal/Generic-S + Troj/Zbot-POJ
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Midie.105961
Avira: TR/Kryptik.qhxpt
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.34E7FE3
Gridinsoft: Ransom.Win32.Zbot.sa
Microsoft: Trojan:Win32/Guloader.SS!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Guloader.R446280
McAfee: PWS-FCUB!13A3E9C67D6C
VBA32: Malware-Cryptor.GuLoader.gen
Malwarebytes: Trojan.GuLoader
APEX: Malicious
Rising: Downloader.Guloader!1.DA2C (CLOUD)
Yandex: Trojan.Igent.bWM5rv.8
Ikarus: Trojan.VB.Crypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.FMEX!tr
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Midie.105961?

Midie.105961 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
