
Mint.Zard.5 removal


Mint.Zard.5 is the name BitDefender, eScan, ALYac, Emsisoft, VIPRE and Arcabit give (as Gen:Variant.Mint.Zard.5) to a malicious 32-bit Windows executable. The sample analysed here carries the version information of Adobe Acrobat Reader DC (OriginalFilename AcroRd32.exe), yet its Authenticode signature is invalid, and most other engines label it Win32/Patched or Virus.Win32.Senoval: in other words, a legitimate program file that has been tampered with to run additional code. While the infection is active you may notice unexpected processes in the Task Manager list. If you see these signs, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually can take hours and may damage your PC in the process. We recommend GridinSoft Anti-Malware for removal; the trial lets you run a full scan and clean your PC.
6-day free trial available.

What can Mint.Zard.5 do?

  • Behavioural detection: executable code extraction (unpacking) was observed while the sample ran
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Arabic (Qatar)
  • The binary contains an unknown PE section name, indicative of packing
  • The binary likely contains encrypted or compressed data
  • The Authenticode signature is invalid (a file presenting itself as Adobe's AcroRd32.exe should carry a valid one)
  • CAPE matched the "shellcode get eip" rule, i.e. position-independent code locating its own address at runtime, typically the call/pop pattern used by shellcode
  • YARA detections observed in process dumps, payloads or dropped files

How to identify Mint.Zard.5?

File Info:

name: DC2FD76B44C59138FF48.mlw
path: /opt/CAPEv2/storage/binaries/1a7455f202d5ad147e7ce2423c017a3ee1317cd2d01854de356e0eed3a8e0711
crc32: 0E264564
md5: dc2fd76b44c59138ff484f175b791436
sha1: d0462ccabd1ea83401dc7ca0d9a8c1ed32f76d7f
sha256: 1a7455f202d5ad147e7ce2423c017a3ee1317cd2d01854de356e0eed3a8e0711
sha512: 7fde608d12816a7778eb62d32358ca7e5179ec58f85b168050465d451a3fc795ec16c7a332d8d02805fb99ba5be7fe347f4b3f434f9822825cabb668ef50946e
ssdeep: 49152:EoAaS/QQoiDsS1IKKRYXtGdz1DlQcz4O8b8ITDnliebbCQxWH9JnIoYj/P:EoT+JowuQtGdzJl8WPnuT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11506B02126D5CFD1D26F2070DDAABAF6601BAD20CF550FCB6D807E1935305E2AA3661F
sha3_384: d89446e3d6ffc25787bc5d3c1f655d924ba06828ea1fcb2cf6a54da6c01e63d3da0efde7b2d3861627440533c0761b1e
ep_bytes: e89d010000e9c81d1500cccccccccccc
timestamp: 2021-02-25 00:21:21

Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Acrobat Reader DC
FileVersion: 21.1.20142.424128
LegalCopyright: Copyright 1984-2021 Adobe Systems Incorporated and its licensors. All rights reserved.
ProductName: Adobe Acrobat Reader DC
ProductVersion: 21.1.20142.424128
OriginalFilename: AcroRd32.exe
Translation: 0x0409 0x04e4
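The hashes, entry-point bytes and compile timestamp above are the indicators a responder can check a suspicious file against. The script below is an added example (not GridinSoft's or CAPE's code) that does this with the standard library only: it hashes a file, walks the PE headers to pull the compile timestamp, section names and the 16 bytes at the entry point, and notes whether a Certificate Table (the Authenticode blob) is present at all. The two-section PE it builds for the offline run is constructed here and reuses only the page's ep_bytes and timestamp, so it will not hash-match the real sample; the ".zard" section name and the list of "common" section names are assumptions made for the example.

```python
# Added example (not GridinSoft's or CAPE's code): triage a file against the
# Mint.Zard.5 indicators listed on this page. Standard library only.
import hashlib
import struct
from datetime import datetime, timezone

# Indicators copied from the File Info section above.
KNOWN_HASHES = {
    "md5": "dc2fd76b44c59138ff484f175b791436",
    "sha1": "d0462ccabd1ea83401dc7ca0d9a8c1ed32f76d7f",
    "sha256": "1a7455f202d5ad147e7ce2423c017a3ee1317cd2d01854de356e0eed3a8e0711",
}
KNOWN_EP_BYTES = bytes.fromhex("e89d010000e9c81d1500cccccccccccc")
KNOWN_TIMESTAMP = int(datetime(2021, 2, 25, 0, 21, 21, tzinfo=timezone.utc).timestamp())
# Section names a normally linked PE carries; anything else is worth a look
# (the page's "unknown PE section name" signature). This list is an assumption.
COMMON_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                   ".edata", ".pdata", ".tls", ".bss", ".CRT"}


def hash_file(data: bytes) -> dict:
    """md5/sha1/sha256 of the raw bytes, lower-case hex as the page lists them."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def parse_pe(data: bytes) -> dict:
    """Compile timestamp, section names, the 16 bytes at the entry point and
    whether a Certificate Table (Authenticode blob) exists, from a PE32 file."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    _machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 handled here (PE32+ data directories sit at another offset)")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # Data directory 4 (Certificate Table) is at optional-header offset 96 + 4*8 for PE32.
    _cert_off, cert_size = struct.unpack_from("<II", data, opt + 96 + 4 * 8)
    sections, ep_bytes = [], b""
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, hdr)
        sections.append(name.rstrip(b"\0").decode("latin-1"))
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)      # RVA -> file offset inside this section
            ep_bytes = data[off:off + 16]
    return {"timestamp": timestamp, "entry_rva": entry_rva, "ep_bytes": ep_bytes,
            "section_names": sections, "has_cert_table": cert_size != 0}


def triage(data: bytes) -> dict:
    """Compare a file with the page's indicators and return the evidence found."""
    findings = []
    hashes = hash_file(data)
    for algo, digest in hashes.items():
        if digest == KNOWN_HASHES[algo]:
            findings.append(f"{algo} matches the Mint.Zard.5 sample")
    pe = parse_pe(data)
    if pe["ep_bytes"] == KNOWN_EP_BYTES:
        findings.append("entry-point bytes match ep_bytes on this page")
    if pe["timestamp"] == KNOWN_TIMESTAMP:
        findings.append("compile timestamp matches 2021-02-25 00:21:21 UTC")
    odd = [s for s in pe["section_names"] if s not in COMMON_SECTIONS]
    if odd:
        findings.append("non-standard section name(s): " + ", ".join(odd))
    if not pe["has_cert_table"]:
        findings.append("no Authenticode certificate table (a genuine Adobe AcroRd32.exe ships signed)")
    return {"hashes": hashes, "pe": pe, "findings": findings}


def build_sample_pe() -> bytes:
    """Constructed two-section PE32 (not the real sample) whose entry point holds
    the page's ep_bytes and whose COFF header holds the page's timestamp."""
    opt = bytearray(224)                                # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)               # Magic: PE32
    struct.pack_into("<I", opt, 16, 0x1000)             # AddressOfEntryPoint -> .text
    struct.pack_into("<I", opt, 28, 0x400000)           # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)     # Section / file alignment
    coff = struct.pack("<HHIIIHH", 0x14C, 2, KNOWN_TIMESTAMP, 0, 0, len(opt), 0x0102)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)               # e_lfanew
    sec = struct.Struct("<8sIIIIIIHHI")
    text = sec.pack(b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    zard = sec.pack(b".zard", 0x200, 0x2000, 0x200, 0x400, 0, 0, 0, 0, 0xC0000040)  # made-up name
    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + zard).ljust(0x200, b"\0")
    text_raw = KNOWN_EP_BYTES.ljust(0x200, b"\xCC")
    return headers + text_raw + bytes(0x200)


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for line in triage(data)["findings"] or ["no indicators from this page matched"]:
        print(line)
```

Run it with a file path to triage that file, or with no argument to triage the constructed sample. A hash match is conclusive on its own; the entry-point bytes, timestamp and section checks are only corroborating evidence, since a repacked or recompiled variant changes all of them. The certificate-table check only says whether a signature blob exists; validating one still needs a tool that walks the chain (signtool or Get-AuthenticodeSignature on Windows).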

Mint.Zard.5 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Virus.Win32.Senoval.n!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Mint.Zard.5
FireEye: Generic.mg.dc2fd76b44c59138
Skyhigh: BehavesLike.Win32.Sality.wh
ALYac: Gen:Variant.Mint.Zard.5
Cylance: unsafe
Zillya: Trojan.Patched.Win32.173839
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ab4bf1 )
Alibaba: Backdoor:Win32/Senoval.f448a09b
K7GW: Trojan ( 005ab4bf1 )
Arcabit: Trojan.Mint.Zard.5
BitDefenderTheta: Gen:NN.ZexaF.36744.RB0@aClnm4ji
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Patched.NKM
Cynet: Malicious (score: 100)
Kaspersky: Virus.Win32.Senoval.a
BitDefender: Gen:Variant.Mint.Zard.5
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Patched-AWW [Trj]
Tencent: Trojan.Win32.Pathced_ya.16001052
Emsisoft: Gen:Variant.Mint.Zard.5 (B)
F-Secure: Trojan.TR/Patched.Gen
DrWeb: Win32.Beetle.2
VIPRE: Gen:Variant.Mint.Zard.5
TrendMicro: TROJ_GEN.R002C0XLT23
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Google: Detected
Avira: TR/Patched.Gen
Antiy-AVL: Trojan/Win32.Patched
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: Virus.Win32.Senoval.a
GData: Win32.Trojan.PSE.12NKJZC
Varist: W32/Patched.GQ1.gen!Eldorado
AhnLab-V3: Malware/Win.Generic.C5482197
McAfee: Artemis!DC2FD76B44C5
MAX: malware (ai score=85)
VBA32: BScope.TrojanDownloader.Emotet
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/Chgt.AC
TrendMicro-HouseCall: TROJ_GEN.R002C0XLT23
Rising: Trojan.Generic@AI.100 (RDML:RrWZ8NMVOdpskCd6A4iyIg)
Ikarus: Trojan.Win32.Patched
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Patched.IP!tr
AVG: Win32:Patched-AWW [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Mint.Zard.5?

Mint.Zard.5 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a "Standard scan".
  • Move all detected items to quarantine.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the browser and the options to reset, then click "Reset".
  • Restart your computer.

Because the detected file presents itself as Adobe Acrobat Reader (AcroRd32.exe) but is a patched copy, quarantining it removes that copy of the program; if you need Reader, reinstall it afterwards from Adobe's own site rather than restoring the quarantined file.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
