Malware

About “Mint.Zard.5” infection

Malware Removal

The Mint.Zard.5 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Mint.Zard.5 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Mint.Zard.5?



File Info:

name: 8CE69B35A39EF7B10267.mlw
path: /opt/CAPEv2/storage/binaries/011e5c16de34b933c2c2d0ed6cf560cea6e7d47b8bb893984e1895e8e83c8c9e
crc32: CF18BFF2
md5: 8ce69b35a39ef7b1026719f9faf95ec0
sha1: d0c128b4b174f64cc005c52534b114cba28580eb
sha256: 011e5c16de34b933c2c2d0ed6cf560cea6e7d47b8bb893984e1895e8e83c8c9e
sha512: 01ba77ac1649b79dd5a413e1be2b80356e98e294444401b7f7a3198db45264e57bda6196a5a52ca415670ab4a412628e8736e803767b9b08bce99ac7de916df7
ssdeep: 12288:M4qyPk3XxRlO+I8F2bMsOdz81DdN3GEHzwfP4SSzOzITsTTZo8bueE7F:MyqXxRg+Z2osT1z3Gi8fPDHTDueu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12405AF3265A54013E7F102B3BE28D1307E2CAE2817648D6DE2D4FE1D6ABC4916BF7257
sha3_384: d1b1169d2266c2084f7eb206fb2132c956592d6c1a623db040c99e8ca9b312f3516619d2fcc2471a124bb9f611c9e009
ep_bytes: e81a050000e98efeffff8b4424088b4c
timestamp: 2017-11-18 19:00:21


Version Info:

CompanyName: Python Software Foundation
FileDescription: Python 3.9.2 (64-bit)
FileVersion: 3.9.2150.0
InternalName: setup
LegalCopyright: Copyright (c) Python Software Foundation. All rights reserved.
OriginalFilename: python-3.9.2-amd64.exe
ProductName: Python 3.9.2 (64-bit)
ProductVersion: 3.9.2150.0
Translation: 0x0409 0x04e4

Mint.Zard.5 also known as:

BkavW32.AIDetectMalware
Elasticmalicious (high confidence)
DrWebWin32.Beetle.2
MicroWorld-eScanGen:Variant.Mint.Zard.5
FireEyeGeneric.mg.8ce69b35a39ef7b1
SkyhighBehavesLike.Win32.Backdoor.cc
ALYacGen:Variant.Mint.Zard.5
Cylanceunsafe
ZillyaBackdoor.Sinowal.Win32.22141
SangforTrojan.Win32.Patched.Vcx3
AlibabaVirus:Win32/Senoval.30828770
K7GWTrojan ( 005ad28b1 )
K7AntiVirusTrojan ( 005ad28b1 )
ArcabitTrojan.Mint.Zard.5
BitDefenderThetaAI:Packer.A8802D121F
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Patched.NKM
CynetMalicious (score: 100)
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Mint.Zard.5
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
AvastWin32:Patched-AWW [Trj]
TencentTrojan.Win32.Pathced_ya.16001052
EmsisoftGen:Variant.Mint.Zard.5 (B)
F-SecureTrojan.TR/Patched.Gen
VIPREGen:Variant.Mint.Zard.5
Trapminemalicious.moderate.ml.score
SophosMal/Generic-S
SentinelOneStatic AI – Suspicious PE
GoogleDetected
AviraTR/Patched.Gen
Antiy-AVLTrojan[Backdoor]/Win32.Sinowal
MicrosoftTrojan:Win32/Formbook!ml
ZoneAlarmVirus.Win32.Senoval.a
GDataWin32.Trojan.PSE.12WYU30
VaristW32/Convagent.DP.gen!Eldorado
AhnLab-V3Trojan/Win.Generic.C5481517
McAfeeArtemis!8CE69B35A39E
MAXmalware (ai score=86)
VBA32BScope.TrojanDownloader.Emotet
MalwarebytesGeneric.Malware.AI.DDS
PandaTrj/Genetic.gen
RisingTrojan.Generic@AI.94 (RDML:DLRdgovHno+KfpWehCQbXA)
IkarusTrojan.Win32.Patched
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr
AVGWin32:Patched-AWW [Trj]
DeepInstinctMALICIOUS

How to remove Mint.Zard.5?

Mint.Zard.5 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment