Malware

Midie.106761 information

Malware Removal

Midie.106761 is flagged as malicious by a large number of antivirus engines (see the detection list below). While the infection is active you may notice unfamiliar processes in the Task Manager list. If so, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing malware manually can take hours and can damage the system in the process. We recommend GridinSoft Anti-Malware for removal; the trial lets you run a full scan and clean the PC.
6-day free trial available.

What can Midie.106761 do?

The following behaviour signatures were raised when the sample was run in the CAPE sandbox (the same analysis that produced the File Info below). They describe what this one sample did under instrumentation, not a complete capability list:

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Serbian
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family

How to identify Midie.106761?

File Info:

name: 3ECC0BABE99DC1377C76.mlw
path: /opt/CAPEv2/storage/binaries/9cce8fc7195a1e33c9c79040df4560f23523ab1005f39debec6964447809fb32
crc32: 47971377
md5: 3ecc0babe99dc1377c76bff261b4c94d
sha1: ccb5147e7f1aaa965fc5a08d906d6fa4f844cd21
sha256: 9cce8fc7195a1e33c9c79040df4560f23523ab1005f39debec6964447809fb32
sha512: 05555c0860d55189064b479b69fbe471eb82fc7cdca87891caa5566fda6845836887382d7044fe56460caae9480af9c8074b4be71960df10077afc289b3fbb2c
ssdeep: 6144:9VqknL2XGrNhsqvGKtz7MRc0jCHuX7JBZ1QgrkrYKufrji0INO:9rqGrNhsqvGoMRcGKoVBZ1fwbMuVO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FC84F1307683D431E89A1670C95ACFA55ABDBCF518654643F3A92B296FF13C0262B34F
sha3_384: c69b99a099e1c64dfb1360eaefe113c1c17d404f4d2f4904e4b9343ca44140df20bebb468d5976ab0bbfb4e69888ac56
ep_bytes: e80c500000e979feffff832544a14500
timestamp: 2020-07-29 05:38:36
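The digests in the File Info block are the only identifiers on this page that do not depend on a vendor's naming scheme, so they are what a responder should compare a suspect file against. The script below is an added example, not code from the original page or from CAPE; it computes the same set (crc32 rendered as eight uppercase hex digits, md5, sha1, sha256, sha512, sha3_384) for a file, streamed so large droppers are not read into memory at once, and reports which of the published indicators match. ssdeep and tlsh require third-party libraries and are left out. The `demo()` input is a constructed random blob and is not expected to match the sample.

```python
import hashlib
import os
import tempfile
import zlib

DIGESTS = ("md5", "sha1", "sha256", "sha512", "sha3_384")

# Indicators copied from the File Info block of this page.
KNOWN = {
    "crc32": "47971377",
    "md5": "3ecc0babe99dc1377c76bff261b4c94d",
    "sha1": "ccb5147e7f1aaa965fc5a08d906d6fa4f844cd21",
    "sha256": "9cce8fc7195a1e33c9c79040df4560f23523ab1005f39debec6964447809fb32",
    "sha512": "05555c0860d55189064b479b69fbe471eb82fc7cdca87891caa5566fda6845836887382d7044fe56460caae9480af9c8074b4be71960df10077afc289b3fbb2c",
    "sha3_384": "c69b99a099e1c64dfb1360eaefe113c1c17d404f4d2f4904e4b9343ca44140df20bebb468d5976ab0bbfb4e69888ac56",
}


def fingerprint(data: bytes) -> dict:
    """Digest an in-memory blob. crc32 is rendered as 8 uppercase hex digits,
    the presentation used in the File Info block above."""
    out = {"crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}"}
    for name in DIGESTS:
        out[name] = hashlib.new(name, data).hexdigest()
    return out


def fingerprint_file(path: str, chunk: int = 1 << 20) -> dict:
    """Same digests, computed in 1 MiB chunks so a large binary is never
    loaded whole."""
    crc = 0
    hashers = {name: hashlib.new(name) for name in DIGESTS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            crc = zlib.crc32(block, crc)
            for h in hashers.values():
                h.update(block)
    out = {"crc32": f"{crc & 0xFFFFFFFF:08X}"}
    out.update({name: h.hexdigest() for name, h in hashers.items()})
    return out


def matches(fp: dict, known: dict = KNOWN) -> list:
    """Names of digests in `fp` equal to the published indicator (case-insensitive)."""
    return sorted(k for k, v in known.items() if fp.get(k, "").lower() == v.lower())


def is_known_sample(fp: dict, known: dict = KNOWN) -> bool:
    """Only a cryptographic digest counts; a crc32 collision is trivial to hit
    by accident, so crc32 alone is not evidence."""
    return bool(set(DIGESTS) & set(matches(fp, known)))


def demo() -> bool:
    """Write a constructed file and check that the streamed and in-memory
    digests agree and that random data does not match the indicators."""
    data = b"MZ" + os.urandom(3 * 1024 * 1024)  # constructed, not the real sample
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        fp = fingerprint_file(path)
        return fp == fingerprint(data) and not is_known_sample(fp)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    import sys
    for p in sys.argv[1:] or []:
        fp = fingerprint_file(p)
        print(p, "known sample" if is_known_sample(fp) else "no match", matches(fp))
```

Run it as `python triage_hash.py <file>`; anything other than a sha/md5 match should be treated as "not this sample", and a match on sha256 alone is enough to tie the file to this report.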

Version Info:

FileVersion: 21.29.120.69
InternationalName: bomgvioci.iwa
Copyright: Copyrighz (C) 2021, fudkorta
ProjectVersion: 1.10.70.57
Translations: 0x0121 0x03ca

Midie.106761 is also known as (vendor: detection name). Note that the engines do not agree on the family: the ransomware-specific labels (Kaspersky, Microsoft, TrendMicro, Ikarus, Jiangmin, Rising) point to STOP/StopCrypt, the BitDefender-based engines use the generic "Midie" cluster name that this page is titled after, Cyren says Qbot, and the CAPE signature above reports RedLine. Treat the family attribution as unconfirmed and use the file hashes, not the name, to identify the sample.

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.31716
MicroWorld-eScan: Gen:Variant.Midie.106761
FireEye: Generic.mg.3ecc0babe99dc137
CAT-QuickHeal: Trojan.ChapakPMF.S26307769
ALYac: Gen:Variant.Midie.106761
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 003e58dd1 )
K7GW: Trojan ( 0058d5cd1 )
Cybereason: malicious.e7f1aa
BitDefenderTheta: Gen:NN.ZexaF.34182.yq0@aGq4InbG
Cyren: W32/Qbot.FK.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HOBF
TrendMicro-HouseCall: Ransom_StopCrypt.R06CC0DAO22
ClamAV: Win.Malware.Generic-9936948-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Stop.gen
BitDefender: Gen:Variant.Midie.106761
SUPERAntiSpyware: Trojan.Agent/Generic
Avast: Win32:AceCrypter-B [Cryp]
Sophos: ML/PE-A + Mal/Agent-AWV
TrendMicro: Ransom_StopCrypt.R06CC0DAO22
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.fh
Emsisoft: Trojan.Crypt (A)
Ikarus: Trojan-Ransom.StopCrypt
Jiangmin: Trojan.Stop.ctp
MAX: malware (ai score=81)
Microsoft: Ransom:Win32/StopCrypt.PAQ!MTB
GData: Win32.Trojan.BSE.12FNXDY
Cynet: Malicious (score: 100)
AhnLab-V3: Packed/Win.GEE.R466702
McAfee: Packed-GEE!3ECC0BABE99D
VBA32: BScope.Trojan.Convagent
Malwarebytes: Trojan.MalPack.GS
APEX: Malicious
Rising: Ransom.Stop!8.10810 (TFE:dGZlOgWuuorQ6sKSKw)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.HOCG!tr
AVG: Win32:AceCrypter-B [Cryp]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)
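A list of forty-odd vendor labels like the one above is more useful once it is reduced to a family vote. The script below is an added example, not part of the original page: it tokenises each label, maps known family aliases to a canonical name, drops tokens that only describe packing, heuristics or generic clusters, and counts one vote per vendor. The alias and generic-token tables are curated assumptions for this example (they cover the labels on this page, not every vendor scheme), and the `LABELS` dictionary is a subset copied from the list above. On that subset STOP wins clearly, Qbot gets a single vote, and RedLine, which only the CAPE signature mentioned, gets none.

```python
import re
from collections import Counter

# Subset of the vendor labels listed on this page (page data, not invented).
LABELS = {
    "DrWeb": "Trojan.PWS.Stealer.31716",
    "MicroWorld-eScan": "Gen:Variant.Midie.106761",
    "ALYac": "Gen:Variant.Midie.106761",
    "Cyren": "W32/Qbot.FK.gen!Eldorado",
    "ESET-NOD32": "a variant of Win32/Kryptik.HOBF",
    "TrendMicro-HouseCall": "Ransom_StopCrypt.R06CC0DAO22",
    "Kaspersky": "HEUR:Trojan-Ransom.Win32.Stop.gen",
    "BitDefender": "Gen:Variant.Midie.106761",
    "Avast": "Win32:AceCrypter-B [Cryp]",
    "TrendMicro": "Ransom_StopCrypt.R06CC0DAO22",
    "Ikarus": "Trojan-Ransom.StopCrypt",
    "Jiangmin": "Trojan.Stop.ctp",
    "Microsoft": "Ransom:Win32/StopCrypt.PAQ!MTB",
    "Rising": "Ransom.Stop!8.10810 (TFE:dGZlOgWuuorQ6sKSKw)",
    "Fortinet": "W32/Kryptik.HOCG!tr",
    "AVG": "Win32:AceCrypter-B [Cryp]",
}

# Curated alias table (assumption for this example): token -> canonical family.
FAMILY_ALIASES = {
    "stop": "stop", "stopcrypt": "stop", "djvu": "stop",
    "redline": "redline",
    "qbot": "qbot", "qakbot": "qbot",
}

# Tokens that name a packer, a heuristic class or a vendor-specific generic
# cluster rather than a family (assumption for this example). "Midie" and
# "Kryptik" are generic cluster names, "AceCrypter" is a crypter, not a payload.
GENERIC = {
    "trojan", "ransom", "gen", "variant", "win32", "w32", "heur", "a", "of",
    "pws", "stealer", "midie", "kryptik", "acecrypter", "cryp", "eldorado",
    "tr", "mtb", "tfe",
}


def tokens(label: str) -> list:
    """Lower-case alphanumeric runs; separators differ per vendor so we ignore them."""
    return re.findall(r"[a-z0-9]+", label.lower())


def families_in(label: str) -> set:
    """Canonical families a single label refers to (usually zero or one)."""
    return {FAMILY_ALIASES[t] for t in tokens(label) if t in FAMILY_ALIASES}


def family_votes(labels: dict) -> Counter:
    """One vote per vendor per family, so a label that says both
    'Stop' and 'StopCrypt' still counts once."""
    votes = Counter()
    for label in labels.values():
        votes.update(families_in(label))
    return votes


def unresolved(labels: dict) -> list:
    """Vendors whose label carries no family token we recognise. These are
    usually generic or packer detections and are not evidence of a family."""
    return sorted(v for v, label in labels.items() if not families_in(label))


def consensus(labels: dict):
    """(family, votes) for the top family, or None when nothing resolved."""
    votes = family_votes(labels)
    return votes.most_common(1)[0] if votes else None


if __name__ == "__main__":
    print("votes:", dict(family_votes(LABELS)))
    print("consensus:", consensus(LABELS))
    print("unresolved:", unresolved(LABELS))
```

The unresolved list is as informative as the winner: here it is entirely packer and generic-cluster names, which is consistent with the "Executable code extraction - unpacking" and "Authenticode signature is invalid" signatures above and says nothing about the payload family.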

How to remove Midie.106761?

Midie.106761 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
