Midie.107460 removal

Midie.107460 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What Midie.107460 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • HTTPS URLs from behavior
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Finnish
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location
  • CAPE detected the STOP malware family
  • Attempts to modify proxy settings

How to determine Midie.107460?
File Info:

name: B3BEEDFBDA3A7C8020D4.mlw
path: /opt/CAPEv2/storage/binaries/4b946b233f29f6aee117c2286ccbd72f02d584696a62f770fcf702caf7de18f0
crc32: 62F88CAA
md5: b3beedfbda3a7c8020d4649db6898735
sha1: 3d98472f163e9826cda2732c6a7da0f5769bd986
sha256: 4b946b233f29f6aee117c2286ccbd72f02d584696a62f770fcf702caf7de18f0
sha512: 431a8d706d9774a8c91c5ae05798357c097a20f36889f96e41b7cea7825f22211db9ee60c0a81b726c20d07aed5270a049766eb4414da409eef6afaac7ab6ec9
ssdeep: 12288:P5J0XqwF8R1eRpYYTg+mcAcN4lHvbTW0C8hCKivUIZ+vU0SE5OZ:Po6Kq0RGYTOcMv20CmCnvUIZ+vU01OZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BD0512513682D832C0F65C309A76C7A44BBBAD7159A29507F26DB73B2E303E04F76386
sha3_384: a451f3af38f1e1e72173bcf7e75476ed0bc7d7a5463a74abd480c47a65cb246dc8a07088e204118b65e9db653cbcc062
ep_bytes: e863430000e979feffff8bff51c70130
timestamp: 2021-03-11 14:56:20

Version Info:

FileVersion: 21.79.11.69
InternationalName: pomgveoci.iwe
Copyright: Copyrighz (C) 2021, fudkorta
Translations: 0x0127 0x010f

Midie.107460 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
FireEye: Generic.mg.b3beedfbda3a7c80
ALYac: Gen:Variant.Fragtor.57889
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0053d5971 )
BitDefender: Gen:Variant.Midie.107460
K7GW: Trojan ( 0053d5971 )
Cybereason: malicious.f163e9
BitDefenderTheta: Gen:NN.ZexaF.34182.Yq0@ayICRrbK
Symantec: Packed.Generic.525
ESET-NOD32: a variant of Win32/Kryptik.HOGO
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Ransom.Win32.Stop.gen
MicroWorld-eScan: Gen:Variant.Midie.107460
Rising: Malware.Heuristic!ET#91% (RDMK:cmRtazpzVHdfOl12gH3HGO7NurJ4)
Sophos: ML/PE-A + Mal/Agent-AWV
McAfee-GW-Edition: BehavesLike.Win32.Drixed.cc
Emsisoft: Gen:Variant.Midie.107460 (B)
Ikarus: Packed.Win32.Crypt
Microsoft: Trojan:Win32/Glupteba
GData: Gen:Variant.Midie.107460
AhnLab-V3: Infostealer/Win.SmokeLoader.R470642
McAfee: Packed-GDT!B3BEEDFBDA3A
MAX: malware (ai score=89)
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/Genetic.gen
APEX: Malicious
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.ERHN!tr
AVG: Win32:CrypterX-gen [Trj]
Avast: Win32:CrypterX-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Midie.107460?

Midie.107460 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.