Mikey.103830 (file analysis)

Mikey.103830 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
A 6-day free trial is available.

What can the Mikey.103830 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the Ursnif3 malware family

How to identify Mikey.103830?

File Info:

name: A0C05A66B9C49309DFA5.mlw
path: /opt/CAPEv2/storage/binaries/544bf4cf9df24d70a7c19880ef5cc2e0c31b456fd8ae54f6af3dbb5d99b8f896
crc32: 1FB43E3B
md5: a0c05a66b9c49309dfa52596d0fb861d
sha1: d603de7263535a5f2f50ff820eff2e1dfa19e412
sha256: 544bf4cf9df24d70a7c19880ef5cc2e0c31b456fd8ae54f6af3dbb5d99b8f896
sha512: 00da5a76017a8380319caefcd9e9abf7fc2e127ac73ebd0a338f04c16ee0cff255c7a909f92060961c9a331b18b614593b989a60e0ff90c622868a27454016ae
ssdeep: 49152:ySZTnrDSgUyuSD5cHiVTq2OsSpH0jnUCKaKy60ycAo:y2pVUUUsKSy
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CD065C20EA018119F86704B6DEFDD99D6158BA600F3C40E37184AFFE5E6EAD27D32257
sha3_384: 7f680c076adc81f4c4835058146cff896ff5bc8c2803202e636eba27362551951f453757588b09961fa9505cf8da23cf
ep_bytes: 558bece848430100e893fdffff5dc3cc
timestamp: 2014-10-16 13:07:45

Version Info:

CompanyName: Bottle Rocket Apps Thirdcrowd
FileDescription: QuotientNecessary
FileVersion: 0.0.80.34
InternalName: QuotientNecessary
LegalCopyright: Copyright © 2001-2016 Bottle Rocket Apps Thirdcrowd
LegalTrademarks: QuotientNecessary
ProductVersion: 0.0.80.34
ProductName: QuotientNecessary
Translation: 0x0409 0x04b0

Mikey.103830 also known as:

Lionic: Trojan.Win32.Ursnif.l!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Mikey.103830
FireEye: Generic.mg.a0c05a66b9c49309
ALYac: Gen:Variant.Mikey.103830
Malwarebytes: Trojan.Agent
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Suspicious.Win32.Mikey.103830
K7AntiVirus: Trojan ( 00559d911 )
BitDefender: Gen:Variant.Mikey.103830
K7GW: Trojan ( 00559d911 )
Cybereason: malicious.6b9c49
BitDefenderTheta: Gen:NN.ZexaF.34182.Ix0@amHBMjhi
VirIT: Trojan.Win32.Gozi.WA
Cyren: W32/Ursnif.BN.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GXKJ
TrendMicro-HouseCall: TROJ_GEN.R002C0PAP22
Kaspersky: HEUR:Trojan-Spy.Win32.Ursnif.vho
Alibaba: TrojanSpy:Win32/Ursnif.99c57219
NANO-Antivirus: Trojan.Win32.Gozi.gdqyfc
Rising: Trojan.Kryptik!8.8 (CLOUD)
Sophos: Mal/Generic-S
Comodo: Malware@#35iimtpxnri43
DrWeb: Trojan.Gozi.572
TrendMicro: TROJ_GEN.R002C0PAP22
McAfee-GW-Edition: Trojan-FRGC!A0C05A66B9C4
Emsisoft: Gen:Variant.Mikey.103830 (B)
APEX: Malicious
Jiangmin: Trojan.Banker.Gozi.zn
Avira: TR/AD.UrsnifDropper.kxkjz
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Generic.ASMalwS.2C7E480
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Mikey.103830
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.Ursnif.C3520525
McAfee: Trojan-FRGC!A0C05A66B9C4
TACHYON: Banker/W32.Gozi.3714560
VBA32: TrojanBanker.Gozi
Cylance: Unsafe
Panda: Trj/Genetic.gen
Tencent: Malware.Win32.Gencirc.10b9fc38
Yandex: Trojan.PWS.Gozi!7m3TJrQ+yls
Ikarus: Trojan.Win32.Ursnif
MaxSecure: Trojan.Malware.74636257.susgen
Fortinet: W32/Kryptik.GNRM!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Mikey.103830?

Mikey.103830 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • "Move to quarantine" all items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.