Mikey.125957 (file analysis)

Malware Removal

Mikey.125957 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Mikey.125957 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Steals private information from local Internet browsers

How to identify Mikey.125957?

File Info:

name: 1A53E3D42EADF68BEDCC.mlw
path: /opt/CAPEv2/storage/binaries/366b5644a1947f1ea91740e998f4a1e4948c931c13e13dc70871a8d417e0bee1
crc32: 2014FD53
md5: 1a53e3d42eadf68bedccb26f1ffc980d
sha1: 2170f6dff351d3850b9ef1077d66fe4b8e03ac8b
sha256: 366b5644a1947f1ea91740e998f4a1e4948c931c13e13dc70871a8d417e0bee1
sha512: 5cb57b8f018feb357ba597d9d9ec93cac2c78646ed669c252330733d743811940aa55f25f31701f1147b74ebb6ae9ffbacc2a3fea6b586be740f6adb47ae38e8
ssdeep: 24576:dJH+U/e+wkH1RkTCL+XAf4CE1dfa5VTuXkxWeD9Rgkm2NCiUoiTddyzQsuhUL/Ma:BdwMRkTW+XE411dC5ekvyXiViqz2hI/d
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F15523F4B481947CE87214306321EAD18D12B9111B9972A36B3DCEEEE5F17C78F6264B
sha3_384: e65dcefa134c161637802fada82e0c412b471e969fa40e10c115bc3f344f268f2a802f6dc883e219b15bd01f30d264c3
ep_bytes: 60be00e04e008dbe0030f1ff57eb0b90
timestamp: 2020-09-02 10:54:44

Version Info:

CompanyName: svb service
FileDescription: Information svb service
FileVersion: 6.4.1.8
InternalName: svbservice.exe
LegalCopyright: (C) svb service All Right Reserved.
OriginalFilename: SvbService.exe
ProductName: svbservice
ProductVersion: 6.4.1.8
Translation: 0x0804 0x03a8

Mikey.125957 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Mikey.125957
FireEye: Generic.mg.1a53e3d42eadf68b
CAT-QuickHeal: PUA.IgenericPMF.S24877818
McAfee: GenericRXAA-AA!1A53E3D42EAD
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
K7AntiVirus: Riskware ( 005678901 )
Alibaba: RiskWare:Win32/YouXun.f9549962
K7GW: Riskware ( 005678901 )
Cybereason: malicious.42eadf
Cyren: W32/Youxun.B.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/RiskWare.YouXun.Z
APEX: Malicious
Paloalto: generic.ml
Kaspersky: not-a-virus:UDS:AdWare.JS.KuwanBar.a
BitDefender: Gen:Variant.Mikey.125957
NANO-Antivirus: Riskware.Win32.Adware.hknpfz
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Mikey.125957
Sophos: Generic PUA CB (PUA)
DrWeb: Trojan.Siggen15.17774
Zillya: Tool.YouXun.Win32.1104
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Emsisoft: Gen:Variant.Mikey.125957 (B)
Ikarus: PUA.RiskWare.Youxun
GData: Gen:Variant.Mikey.125957
Jiangmin: AdWare.JS.bs
Antiy-AVL: Trojan/Generic.ASMalwS.31007F3
Microsoft: Trojan:Win32/Wacatac.A!ml
AhnLab-V3: PUP/Win32.Bundler.C4198931
BitDefenderTheta: Gen:NN.ZexaE.34084.unLfaGbgzYfj
ALYac: Gen:Variant.Mikey.125957
MAX: malware (ai score=100)
VBA32: BScope.Adware.KuwanBar
Rising: Adware.Kuwan!1.CD74 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.93909210.susgen
Fortinet: Riskware/YouXun
Webroot: W32.Adware.Gen
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen

How to remove Mikey.125957?

Mikey.125957 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.