What is “Midie.139771”?

Midie.139771 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What Midie.139771 virus can do?

  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Midie.139771?

File Info:

name: 279803396EBFF620C181.mlw
path: /opt/CAPEv2/storage/binaries/778daf2aca2d1ff385ea5003e5bcabb885118c34a9225dc5d7ebc5ef1fb1b4ed
crc32: FEA1D361
md5: 279803396ebff620c181af90a5ffd514
sha1: 67a8abddb812a0d11438068fa4db636e820928cc
sha256: 778daf2aca2d1ff385ea5003e5bcabb885118c34a9225dc5d7ebc5ef1fb1b4ed
sha512: fdbdeb2957a270abe66c20185090d8e38759de8d90222f06fdb991cec4af6e887941b48493a0373906d93ffaac886907567cfc17606ca622c56f1f4d12fbece2
ssdeep: 24576:kkix3ppz8EbMjG+5lV1phwnTMQTZaqdiXSp0c02uFG6dAk3PZ:kki1jgz5DThwnRTZaqdwk0c05HGih
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13695CF02B692D8F2DB051D30E46A67F6AA349EC9CF11CFCB5394FD2E3D3258091B6196
sha3_384: 30f68c9472ff0e6d12653bec33e098442232c044603c7adfbb9d1c9f0d44c32fc815150a61e778b3c8b9e17ea8f90331
ep_bytes: 558bec6aff6808d05a0068248b490064
timestamp: 2013-03-31 07:05:42

Version Info:

FileVersion: 2.5.2013.401
FileDescription: 恒熙安卓刷机助手 V2.05
ProductName: 安卓刷机助手
ProductVersion: 2.5.2013.401
CompanyName: 恒熙科技
LegalCopyright: 恒熙科技 版权所有
Comments: 恒熙安卓刷机助手
Translation: 0x0804 0x04b0

Midie.139771 also known as:

  • Bkav: W32.AIDetectMalware
  • Lionic: Trojan.Win32.Generic.lwTx
  • Elastic: malicious (high confidence)
  • Cynet: Malicious (score: 100)
  • FireEye: Generic.mg.279803396ebff620
  • Skyhigh: BehavesLike.Win32.Generic.tc
  • McAfee: GenericRXEN-CO!279803396EBF
  • Cylance: unsafe
  • Sangfor: Trojan.Win32.Agent.Vat4
  • K7AntiVirus: Trojan ( 005246d51 )
  • Alibaba: Trojan:Win32/MalwareX.7f274da2
  • K7GW: Trojan ( 005246d51 )
  • Cybereason: malicious.db812a
  • Symantec: ML.Attribute.HighConfidence
  • tehtris: Generic.Malware
  • ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
  • APEX: Malicious
  • ClamAV: Win.Trojan.Flystudio-9943951-0
  • BitDefender: Gen:Variant.Midie.139771
  • MicroWorld-eScan: Gen:Variant.Midie.139771
  • Avast: Win32:MalwareX-gen [Trj]
  • Emsisoft: Gen:Variant.Midie.139771 (B)
  • F-Secure: Trojan:W32/DelfInject.R
  • VIPRE: Gen:Variant.Midie.139771
  • TrendMicro: TROJ_GEN.R002C0PKL23
  • Trapmine: suspicious.low.ml.score
  • Sophos: Generic Reputation PUA (PUA)
  • SentinelOne: Static AI – Malicious PE
  • GData: Win32.Application.PSE.1OV7PVV
  • Varist: W32/Trojan.CLL.gen!Eldorado
  • Antiy-AVL: Trojan/Win32.FlyStudio.a
  • Xcitium: Worm.Win32.Dropper.RA@1qraug
  • Arcabit: Trojan.Midie.D221FB
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • Google: Detected
  • AhnLab-V3: Malware/Win.Generic.C5544782
  • ALYac: Gen:Variant.Midie.139771
  • MAX: malware (ai score=88)
  • Malwarebytes: Generic.Malware.AI.DDS
  • TrendMicro-HouseCall: TROJ_GEN.R002C0PKL23
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: W32/CoinMiner.PHP!tr
  • AVG: Win32:MalwareX-gen [Trj]
  • DeepInstinct: MALICIOUS
  • CrowdStrike: win/malicious_confidence_70% (W)

How to remove Midie.139771?

Midie.139771 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.