
Nemesis.31398 removal


Nemesis.31398 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Nemesis.31398 virus do?

  • Sample contains overlay data
  • Performs HTTP requests potentially not found in PCAP
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Deletes executed files from disk

How to identify Nemesis.31398?


File Info:

name: 1BB383B66ABDA9BDA925.mlw
path: /opt/CAPEv2/storage/binaries/ac5767e6a8f970ce7eb3d74ac4e88053896c65481a7c72f511e6f4c18afd268b
crc32: F993E836
md5: 1bb383b66abda9bda92552c4cd4ecd85
sha1: b451dd611623b4b4d2c4c93e9bc7ab3d36d2cc0e
sha256: ac5767e6a8f970ce7eb3d74ac4e88053896c65481a7c72f511e6f4c18afd268b
sha512: f2caa9a19329b45addaf7430b486cba047ba2bbde5f7d1ac8366b04b99a7c401ebf62973ba843ff3c135a9b7de83c72f1e598f543c3a8361204e020e71dc06c6
ssdeep: 1536:SpgpHzb9dZVX9fHMvG0D3XJy4Romu/TeWi/7IGlf2mBi3nL:QgXdZt9P6D3XJy45NWiz7OhnL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A573E00BB5C0CDB7D6A70632097BA7BAD7F7CA98025017530B957F7F2D221674C1A294
sha3_384: 2a2ce35db46af912cbda14e68586afef6b3f7035b01df92795e336c20f4d3bc323a23b9df2308edeea1e5939d11f4403
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:52

Version Info:

0: [No Data]

Nemesis.31398 is also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Windigo.l!c
MicroWorld-eScan: Gen:Variant.Nemesis.31398
Sangfor: Trojan.Win32.Agent.V2zh
CrowdStrike: win/grayware_confidence_90% (W)
Alibaba: TrojanSpy:Win32/Windigo.d7aa1b69
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Spy.Win32.Windigo.gen
BitDefender: Gen:Variant.Nemesis.31398
Avast: NSIS:AdwareX-gen [Adw]
Emsisoft: Gen:Variant.Nemesis.31398 (B)
VIPRE: Gen:Variant.Nemesis.31398
FireEye: Gen:Variant.Nemesis.31398
Sophos: Generic Reputation PUA (PUA)
GData: Gen:Variant.Nemesis.31398
Google: Detected
MAX: malware (ai score=87)
Antiy-AVL: Trojan[Spy]/Win32.Windigo.gen
Kingsoft: malware.kb.a.980
Arcabit: Trojan.Nemesis.D7AA6
ZoneAlarm: HEUR:Trojan-Spy.Win32.Windigo.gen
Microsoft: Program:Win32/Wacapew.C!ml
Varist: W32/Hicrazyk.A.gen!Eldorado
VBA32: suspected of Trojan.Downloader.gen
ALYac: Gen:Variant.Nemesis.31398
Cylance: unsafe
Ikarus: Trojan-Downloader.NSIS.Adload
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: NSIS/Adload.DS!tr
AVG: NSIS:AdwareX-gen [Adw]
Cybereason: malicious.11623b
DeepInstinct: MALICIOUS

How to remove Nemesis.31398?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
