Malware

How to remove “Midie.87434”?

Malware Removal

The Midie.87434 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Midie.87434 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • Enumerates running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to determine Midie.87434?



File Info:

name: DAA0CA5CFF213B09A652.mlw
path: /opt/CAPEv2/storage/binaries/009db4d8bbd31b97717e0f016cebdbe5aa7952912f2c509aeac1199bbe0abfe0
crc32: D91A97F8
md5: daa0ca5cff213b09a652c42699c91ad5
sha1: 4c0ba7cd25d96672a40fe1f8a56b917d49196770
sha256: 009db4d8bbd31b97717e0f016cebdbe5aa7952912f2c509aeac1199bbe0abfe0
sha512: 32c9461abe0b13f71b14706c241e06d207ae6a4df373e7a32234250f22fe0f3a2c2889d8d11129fd7b90d6114976c4cb45a2ee2bd62c38752a9361a41283df06
ssdeep: 6144:pV50PcrZLR5HDMn4xJRBgiBoPysbF4mh7f1zH5:pVGPcdNlM40bKmhzn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T108A4A77A18104F0CEA6534FE46A9DCBEE5985E2410030FE351B2794BEB76543EE6B2DC
sha3_384: fd2757dab28fc1a56608091c358b4714450698e2928e33d60b7f8e24c748dfb537adb7ff77df57f611f30516e152e0a6
ep_bytes: e870390000e979feffff8bff558bec81
timestamp: 2013-08-29 13:29:37


Version Info:

0: [No Data]

Midie.87434 also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Midie.87434
FireEyeGeneric.mg.daa0ca5cff213b09
CAT-QuickHealTrojanPWS.Zbot.Gen
McAfeePWSZbot-FEN!DAA0CA5CFF21
CylanceUnsafe
SangforTrojan.Win32.Llac.5846621
K7AntiVirusTrojan ( 0040f62d1 )
K7GWTrojan ( 0040f62d1 )
BitDefenderThetaGen:NN.ZexaF.34638.DqZ@aWvQZsaj
VirITTrojan.Win32.Generic.CJYX
CyrenW32/Trojan.MOZN-1620
SymantecTrojan.Dropper
ESET-NOD32Win32/Injector.ALXX
APEXMalicious
ClamAVWin.Trojan.Agent-1141040
KasperskyHEUR:Trojan.Win32.Generic
BitDefenderGen:Variant.Midie.87434
NANO-AntivirusTrojan.Win32.Zbot.cqhtcf
SUPERAntiSpywareTrojan.Agent/Gen-Injector
AvastWin32:Crypt-PWT [Trj]
Ad-AwareGen:Variant.Midie.87434
EmsisoftGen:Variant.Midie.87434 (B)
ComodoTrojWare.Win32.Injector.aecr@51na51
DrWebBackDoor.Comet.152
ZillyaTrojan.Llac.Win32.43141
McAfee-GW-EditionPWSZbot-FEN!DAA0CA5CFF21
SophosTroj/Zbot-GET
IkarusTrojan.Win32.Llac
AviraTR/Llac.5846621
KingsoftWin32.Troj.Injector.JL.(kcloud)
MicrosoftTrojan:Win32/DllCheck.A!MSR
GDataGen:Variant.Midie.87434
CynetMalicious (score: 99)
AhnLab-V3Trojan/Win32.Zbot.R81845
ALYacGen:Variant.Midie.87434
MAXmalware (ai score=80)
VBA32BScope.Backdoor.Comet
RisingTrojan.Generic@AI.91 (RDMK:cmRtazqUBIamwbZwik0mSDLss1U5)
YandexTrojan.GenAsa!RvlcMawzjuU
FortinetW32/SpyZbot.PVJV!tr
AVGWin32:Crypt-PWT [Trj]
Cybereasonmalicious.cff213
PandaTrj/Genetic.gen

How to remove Midie.87434?

Midie.87434 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment