Categories: Malware

Midie.70210 (B) information

The Midie.70210 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Midie.70210 (B) virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (2 unique times)
Creates RWX memory
Reads data out of its own binary image
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Attempts to identify installed AV products by registry key
Attempts to modify proxy settings

Related domains:

d3vngcy706h320.cloudfront.net

bon.sonjelly.club

d2adi7hu49xk5t.cloudfront.net

How to determine Midie.70210 (B)?


File Info:
crc32: 926631A4md5: 8f44e8c6e6132b3cedcbb6840d31a78aname: setup.exesha1: 3e796af5e2d5081dfee48bff2ab05ca8e4f5799fsha256: d955858c45fa890b77e37fed829098ee9a9999c26aadd3ebfbd0ea7c07b5715dsha512: f4a2948d3df43b1dec6c9038675c3fe1314735cebbcaff92143b380ded470c66bb8571d193e476caec209756d8b2df653109419046565d4c2f06bb51f5da2420ssdeep: 49152:e2OWmd3ClNCiMnZsEVx8dVUi5DP/BL9pFMbQICd6q:e/Wmd3jiMr60i5j/ZTa0qqtype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
0: [No Data]

Midie.70210 (B) also known as:

Bkav	HW32.Packed.
MicroWorld-eScan	Gen:Variant.Midie.70210
CAT-QuickHeal	Trojan.SurfSodaInfo.M7
Qihoo-360	HEUR/QVM20.1.FC1B.Malware.Gen
McAfee	GenericRXIT-CV!8F44E8C6E613
Cylance	Unsafe
Sangfor	Malware
K7AntiVirus	Trojan ( 0055bb171 )
BitDefender	Gen:Variant.Midie.70210
K7GW	Trojan ( 0055bb171 )
Cybereason	malicious.5e2d50
BitDefenderTheta	Gen:NN.ZexaF.34084.yIZ@auRMRski
Cyren	W32/Kryptik.AQV.gen!Eldorado
GData	Win32.Trojan.Kryptik.OS
Kaspersky	not-a-virus:HEUR:AdWare.Win32.StartSurf.vho
Alibaba	Trojan:Win32/Kryptik.64cb86bd
APEX	Malicious
Rising	Dropper.Generic!8.35E (TFE:dGZlOgXDFN40gI8DVg)
Ad-Aware	Gen:Variant.Midie.70210
Sophos	IStartSurfInstaller (PUA)
Comodo	Application.Win32.IStartSurf.VISA@8fniqt
F-Secure	Trojan.TR/Dropper.Gen
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Backdoor.vc
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.8f44e8c6e6132b3c
Emsisoft	Gen:Variant.Midie.70210 (B)
SentinelOne	DFI – Malicious PE
F-Prot	W32/Kryptik.AQV.gen!Eldorado
Avira	TR/Dropper.Gen
MAX	malware (ai score=85)
Antiy-AVL	GrayWare/Win32.Kryptik.guot
Endgame	malicious (high confidence)
Arcabit	Trojan.Midie.D11242
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.StartSurf.vho
Microsoft	Trojan:Win32/Wacatac.D!ml
Acronis	suspicious
ALYac	Gen:Variant.Midie.70210
Malwarebytes	Trojan.IStartSurf
Panda	Trj/Genetic.gen
ESET-NOD32	a variant of Win32/Kryptik.GYRB
Ikarus	PUA.ICLoader
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Kryptik.BVKS!tr
AVG	FileRepMetagen [Adw]
CrowdStrike	win/malicious_confidence_100% (D)