
Midie.106680 removal guide

Midie.106680 is the name BitDefender-engine scanners give this sample (Gen:Variant.Midie.106680); nearly every engine in the detection list below flags it as malicious, and the CAPE sandbox attributes it to the OnlyLogger family, while other vendors label it StopCrypt ransomware, Raccoon, or simply a packed trojan (Kryptik/AceCrypter). When this infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Midie.106680 virus do?

These are the behavioural signatures the CAPE sandbox raised for the sample. Most of them (anti-debugging tricks, in-memory unpacking, RWX memory, run-time import resolution, an invalid Authenticode signature, encrypted or compressed data in the binary) are typical of a packed or crypted loader, which matches the Kryptik/AceCrypter labels several vendors give it; the self-deletion and the OnlyLogger family match describe the payload's own behaviour.

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: executable code extraction (unpacking)
  • Yara rule detections observed from a process memory dump, dropped files and CAPE
  • Creates RWX memory
  • Guard page use detected (possible anti-debugging)
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • CAPE detected the OnlyLogger malware family
  • Uses suspicious command line tools or Windows utilities

How to identify Midie.106680?

File Info:

name: 261DA8A339188A5A2DB2.mlw
path: /opt/CAPEv2/storage/binaries/306dbc970d0ba698e4e5a5ef5271a04031925b1ea18b10a4d170a4f73204dc45
crc32: F7B6AB62
md5: 261da8a339188a5a2db26464ac22b1ee
sha1: 393dbc4d9b2839be06f14e5121cac9c48bb3e4ad
sha256: 306dbc970d0ba698e4e5a5ef5271a04031925b1ea18b10a4d170a4f73204dc45
sha512: a4f813bf24d73aea9f72271ee8d828217fd0b885273496726ab50c0ad74fe8844cfcdc82cd254ac7cc4a393dfcdf1bc108577084e6fef9ed820d80fa169500ee
ssdeep: 6144:cIo8VtAhd+hyCQ19kR8Pr5eG2MnAULHj/CvfXZif9h:WMtAhUpukR2rj2CTjOir
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D994E0327980D831D49A31318C27CF712ABEB8745A559943B7F83B69BE323C1266539F
sha3_384: 7aeffc57d4349290cfd769064be92ec5c9559f2ac1345ed1cb716e78ffb56997c4c5e404a69e8076f76881ac3deb3e39
ep_bytes: e897660000e978feffffcccccccccccc
timestamp: 2020-11-25 02:11:35

Version Info:

FileVersion: 21.29.120.69
InternationalName: bomgvioci.iwa
Copyright: Copyrighz (C) 2021, fudkorta
ProjectVersion: 1.10.70.57
Translation: 0x0129 0x07b2
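The File Info and Version Info fields above come from the CAPE sandbox's static pass over the sample. The following is an added example, not the page's, GridinSoft's or CAPE's code, that reproduces the hash, type, timestamp and ep_bytes fields for any PE file with only the Python standard library and compares the hashes against the IOCs published above. ssdeep and tlsh are left out because they need third-party libraries, and build_sample_pe() constructs a stand-in PE so the parser can be exercised offline; it is not the real sample.

```python
"""Added example (not GridinSoft's or CAPE's code): reproduce the File Info
fields for a PE file with the standard library only and compare the hashes
with the IOCs published above.  ssdeep and tlsh are omitted because they need
third-party libraries; build_sample_pe() is a constructed stand-in, not the
real sample."""
import hashlib
import struct
from datetime import datetime, timezone

# Hashes published in the File Info block on this page.
KNOWN_HASHES = {
    "md5": "261da8a339188a5a2db26464ac22b1ee",
    "sha1": "393dbc4d9b2839be06f14e5121cac9c48bb3e4ad",
    "sha256": "306dbc970d0ba698e4e5a5ef5271a04031925b1ea18b10a4d170a4f73204dc45",
}
MACHINES = {0x14C: "Intel 80386", 0x8664: "x86-64", 0x1C0: "ARM", 0xAA64: "Aarch64"}
SUBSYSTEMS = {2: "GUI", 3: "console"}

# Constructed inputs for the demo: the page's ep_bytes and compile timestamp.
SAMPLE_EP_BYTES = bytes.fromhex("e897660000e978feffffcccccccccccc")
SAMPLE_TIMESTAMP = int(datetime(2020, 11, 25, 2, 11, 35, tzinfo=timezone.utc).timestamp())


def hashes(data: bytes) -> dict:
    """Hex digests for the four algorithms listed in the File Info block."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def pe_fingerprint(data: bytes) -> dict:
    """Walk the DOS header, COFF header, optional header and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, nsec, tstamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt)[0]           # 0x10B = PE32, 0x20B = PE32+
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]     # AddressOfEntryPoint
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]  # same offset in PE32 and PE32+
    # Translate the entry-point RVA to a file offset via the section table.
    ep_bytes = b""
    sec_table = opt + opt_size
    for i in range(nsec):
        _, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sec_table + 40 * i)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            off = ep_rva - vaddr + rawptr
            ep_bytes = data[off:off + 16]
            break
    pe_type = "PE32+" if magic == 0x20B else "PE32"
    fp = hashes(data)
    fp["type"] = (f"{pe_type} executable ({SUBSYSTEMS.get(subsystem, subsystem)}) "
                  f"{MACHINES.get(machine, hex(machine))}, for MS Windows")
    fp["timestamp"] = datetime.fromtimestamp(tstamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")
    fp["ep_bytes"] = ep_bytes.hex()
    return fp


def matches_known_sample(fp: dict) -> bool:
    """Any one matching hash is conclusive; a mismatch on all of them is not
    (a repacked build of the same family has different hashes)."""
    return any(fp[alg] == digest for alg, digest in KNOWN_HASHES.items())


def build_sample_pe(ep_code: bytes, tstamp: int) -> bytes:
    """Constructed minimal PE32 with one .text section, used only to exercise
    the parser offline; it is NOT the malware sample."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, tstamp, 0, 0, 224, 0x0102)
    opt = struct.pack("<HBBIIII", 0x10B, 14, 0, 0x200, 0, 0, 0x1000)  # entry point RVA 0x1000
    opt += b"\0" * (68 - len(opt)) + struct.pack("<H", 2) + b"\0" * (224 - 70)  # Subsystem = GUI
    sect = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = (dos + b"PE\0\0" + coff + opt + sect).ljust(0x200, b"\0")
    return headers + ep_code.ljust(0x200, b"\0")


if __name__ == "__main__":
    sample = build_sample_pe(SAMPLE_EP_BYTES, SAMPLE_TIMESTAMP)
    for key, value in pe_fingerprint(sample).items():
        print(f"{key}: {value}")
    print("matches published IOCs:", matches_known_sample(pe_fingerprint(sample)))
```

A matching md5, sha1 or sha256 confirms this exact file; a mismatch rules out nothing, because a repacked build of the same family carries different hashes. That is why the behavioural signatures above and the fuzzy hashes (ssdeep, tlsh) are worth more than the exact digests when you are hunting for variants.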

Midie.106680 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Siggen3.10681
MicroWorld-eScan: Gen:Variant.Midie.106680
FireEye: Generic.mg.261da8a339188a5a
CAT-QuickHeal: Trojan.ConvagentPMF.S26286199
ALYac: Gen:Variant.Midie.106680
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 003e58dd1 )
BitDefender: Gen:Variant.Midie.106680
K7GW: Trojan ( 003e58dd1 )
Cybereason: malicious.d9b283
BitDefenderTheta: Gen:NN.ZexaF.34182.Aq0@aiHa5Sge
Cyren: W32/SillyBackdoor.B.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HOAP
TrendMicro-HouseCall: Ransom_StopCrypt.R03BC0DB322
ClamAV: Win.Trojan.Generic-9935605-0
Kaspersky: HEUR:Trojan.Win32.Agent.gen
Rising: Malware.Heuristic!ET#91% (RDMK:cmRtazr7BQjbfet7Cc40jk+GXutH)
Sophos: ML/PE-A + Mal/Agent-AWV
TrendMicro: Ransom_StopCrypt.R03BC0DB322
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.gh
SentinelOne: Static AI – Suspicious PE
Emsisoft: Trojan.Crypt (A)
Ikarus: Trojan.Win32.Raccoon
Jiangmin: Trojan.Stop.ctn
Avira: TR/AD.Chapak.qlzkw
Microsoft: Ransom:Win32/StopCrypt.PAO!MTB
GData: Win32.Trojan.BSE.12FNXDY
Cynet: Malicious (score: 100)
AhnLab-V3: Packed/Win.GEE.R466166
McAfee: Artemis!261DA8A33918
MAX: malware (ai score=89)
VBA32: BScope.TrojanSpy.Stealer
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/GdSda.A
APEX: Malicious
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/GenKryptik.ERHN!tr
AVG: Win32:AceCrypter-B [Cryp]
Avast: Win32:AceCrypter-B [Cryp]
CrowdStrike: win/malicious_confidence_100% (W)
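Reading that list as one family is the mistake the title invites: "Midie.106680" appears only on products that share the BitDefender engine, while other engines say StopCrypt, Raccoon, Chapak or just "packed". The following added example, not the page's or any vendor's code, tallies candidate family tokens across a constructed copy of the vendor results above, dropping short tokens, signature IDs and generic verdict words; the GENERIC word list is this example's own assumption about which tokens carry no family information.

```python
"""Added example (not the page's or any vendor's code): tally candidate family
names across the vendor results above, ignoring generic words and signature
IDs.  VENDOR_RESULTS is a constructed copy of the list on this page; GENERIC
is this example's own assumption about which tokens carry no family name."""
import re
from collections import Counter

VENDOR_RESULTS = """\
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
DrWeb Trojan.PWS.Siggen3.10681
MicroWorld-eScan Gen:Variant.Midie.106680
FireEye Generic.mg.261da8a339188a5a
CAT-QuickHeal Trojan.ConvagentPMF.S26286199
ALYac Gen:Variant.Midie.106680
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 003e58dd1 )
BitDefender Gen:Variant.Midie.106680
K7GW Trojan ( 003e58dd1 )
Cybereason malicious.d9b283
BitDefenderTheta Gen:NN.ZexaF.34182.Aq0@aiHa5Sge
Cyren W32/SillyBackdoor.B.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Kryptik.HOAP
TrendMicro-HouseCall Ransom_StopCrypt.R03BC0DB322
ClamAV Win.Trojan.Generic-9935605-0
Kaspersky HEUR:Trojan.Win32.Agent.gen
Rising Malware.Heuristic!ET#91% (RDMK:cmRtazr7BQjbfet7Cc40jk+GXutH)
Sophos ML/PE-A + Mal/Agent-AWV
TrendMicro Ransom_StopCrypt.R03BC0DB322
McAfee-GW-Edition BehavesLike.Win32.Backdoor.gh
SentinelOne Static AI - Suspicious PE
Emsisoft Trojan.Crypt (A)
Ikarus Trojan.Win32.Raccoon
Jiangmin Trojan.Stop.ctn
Avira TR/AD.Chapak.qlzkw
Microsoft Ransom:Win32/StopCrypt.PAO!MTB
GData Win32.Trojan.BSE.12FNXDY
Cynet Malicious (score: 100)
AhnLab-V3 Packed/Win.GEE.R466166
McAfee Artemis!261DA8A33918
MAX malware (ai score=89)
VBA32 BScope.TrojanSpy.Stealer
Malwarebytes Trojan.MalPack.GS
Panda Trj/GdSda.A
APEX Malicious
MaxSecure Trojan.Malware.121218.susgen
Fortinet W32/GenKryptik.ERHN!tr
AVG Win32:AceCrypter-B [Cryp]
Avast Win32:AceCrypter-B [Cryp]
CrowdStrike win/malicious_confidence_100% (W)
"""

# Words that describe a verdict or category, not a family (assumption).
GENERIC = {
    "trojan", "ransom", "malware", "malicious", "generic", "variant", "agent",
    "heuristic", "suspicious", "unsafe", "packed", "crypt", "cryp", "backdoor",
    "confidence", "score", "static", "attribute", "highconfidence",
    "behaveslike", "artemis", "eldorado", "susgen", "stealer", "trojanspy",
}


def family_tokens(detection: str) -> list:
    """Split a detection name and drop short tokens, signature IDs (anything
    containing a digit) and generic verdict words."""
    return [tok for tok in re.split(r"[^A-Za-z0-9]+", detection)
            if len(tok) >= 4 and not any(c.isdigit() for c in tok)
            and tok.lower() not in GENERIC]


def family_votes(results: str) -> Counter:
    """One vote per vendor per token (a vendor line is 'Vendor detection...')."""
    votes = Counter()
    for line in results.splitlines():
        if not line.strip():
            continue
        _vendor, detection = line.split(None, 1)
        votes.update(set(family_tokens(detection)))
    return votes


def consensus(results: str, min_votes: int = 2) -> list:
    """Tokens with at least min_votes, most-voted first, ties alphabetical."""
    votes = family_votes(results)
    return sorted(((tok, n) for tok, n in votes.items() if n >= min_votes),
                  key=lambda tn: (-tn[1], tn[0]))


if __name__ == "__main__":
    for tok, n in consensus(VENDOR_RESULTS):
        print(f"{n:2d}  {tok}")
```

Running it yields Midie and StopCrypt with three votes each and AceCrypter with two. Neither three is independent: the Midie votes all come from the BitDefender engine (eScan and ALYac license it), and two of the StopCrypt votes are the same Trend Micro engine, so a tally like this needs engine deduplication before it means anything. The CAPE family match (OnlyLogger) is the one label on this page that rests on observed behaviour rather than a static signature.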

How to remove Midie.106680?

Midie.106680 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
