About “Mint.Zard.5” infection

Mint.Zard.5 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to run a complete scan and clean your PC.
6-day free trial available.

What can the Mint.Zard.5 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Mint.Zard.5?

File Info:

name: E83E5EB2D24B2DCCA872.mlw
path: /opt/CAPEv2/storage/binaries/ec89bbc5219311daae7811e5e8bbabbc525243dc9c4aef9226db81e53d592342
crc32: F07AEFA9
md5: e83e5eb2d24b2dcca872e57f28843843
sha1: 141243be941938b59f5fe995d8f24d617a9bbf7d
sha256: ec89bbc5219311daae7811e5e8bbabbc525243dc9c4aef9226db81e53d592342
sha512: 78741ba1f4b486331968dbe2475851344b2121cece51ed2bd1af119169aba5f3e768fc07ee85eab2272ac6008c6b4d65ab8f6f182d53bfafcf04ef5b54bf99e8
ssdeep: 12288:cDQXlkESoxai97QfoBJNHlyZyLN3GEHK4VlukCiSi/GfqpezOls7AgRamAJgp:lXrSoxV7JJNsZG3GiK4WvCfCAgXb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18D15AF32A5A14071E6F10673BA3896345D2CAF34179094BEE3D4BE1D6EB84C16BF7293
sha3_384: 93b6665ef2d32f8590e9cb7f8212112e91bc9fe0838b5345b2dd110266093f148a11cd794891d3b1cf2215909b105f6f
ep_bytes: e81a050000e98efeffff8b4424088b4c
timestamp: 2017-11-18 19:56:00

Version Info:

CompanyName: Python Software Foundation
FileDescription: Python 3.9.2 (64-bit)
FileVersion: 3.9.2150.0
InternalName: setup
LegalCopyright: Copyright (c) Python Software Foundation. All rights reserved.
OriginalFilename: python-3.9.2-amd64.exe
ProductName: Python 3.9.2 (64-bit)
ProductVersion: 3.9.2150.0
Translation: 0x0409 0x04e4

Note that this version resource describes a 64-bit Python 3.9.2 installer, while the file type above is a 32-bit PE32 executable and the Authenticode signature is reported as invalid; the version information is therefore not a reliable indication of what the file actually is.

Mint.Zard.5 also known as:

Bkav: W32.AIDetectMalware
DrWeb: Win32.Beetle.2
MicroWorld-eScan: Gen:Variant.Mint.Zard.5
FireEye: Generic.mg.e83e5eb2d24b2dcc
Skyhigh: BehavesLike.Win32.Backdoor.cc
McAfee: GenericRXAA-AA!E83E5EB2D24B
Cylance: unsafe
Sangfor: Trojan.Win32.Patched.Vs0w
CrowdStrike: win/malicious_confidence_60% (W)
Alibaba: Virus:Win32/Senoval.b0e3c906
K7GW: Trojan ( 005ad28b1 )
K7AntiVirus: Trojan ( 005ad28b1 )
BitDefenderTheta: AI:Packer.044F34E71F
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Patched.NKM
Cynet: Malicious (score: 100)
Kaspersky: Virus.Win32.Senoval.a
BitDefender: Gen:Variant.Mint.Zard.5
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Patched-AWX [Trj]
Rising: Trojan.Generic@AI.97 (RDML:vM2doNAaMqEERCxp7omIvQ)
Emsisoft: Gen:Variant.Mint.Zard.5 (B)
F-Secure: Trojan.TR/Patched.Gen
VIPRE: Gen:Variant.Mint.Zard.5
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Patched
GData: Win32.Trojan.PSE.12WYU30
Google: Detected
Avira: TR/Patched.Gen
Antiy-AVL: Trojan/Win32.Sabsik
Arcabit: Trojan.Mint.Zard.5
ZoneAlarm: Virus.Win32.Senoval.a
Microsoft: Trojan:Win32/Convagent.AJ!MTB
Varist: W32/Convagent.DP.gen!Eldorado
AhnLab-V3: Trojan/Win.Generic.C5481517
VBA32: BScope.TrojanDownloader.Emotet
ALYac: Gen:Variant.Mint.Zard.5
MAX: malware (ai score=80)
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/Genetic.gen
Tencent: Trojan.Win32.Pathced_ya.16001052
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Patched.IP!tr
AVG: Win32:Patched-AWX [Trj]
DeepInstinct: MALICIOUS

How to remove Mint.Zard.5?

Mint.Zard.5 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.