
NetTool.Win32.FlyScan removal tips


NetTool.Win32.FlyScan is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the NetTool.Win32.FlyScan virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify NetTool.Win32.FlyScan?


File Info:

name: 615D866336AAEE62EDB1.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2000-05-19 10:11:55

Version Info:

0: [No Data]

NetTool.Win32.FlyScan also known as:

Bkav: W32.AIDetectMalware
Lionic: Riskware.Win32.FlyScan.1!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Heur.Zilix.1
FireEye: Generic.mg.615d866336aaee62
Skyhigh: BehavesLike.Win32.Generic.tc
Cylance: unsafe
Zillya: Trojan.Black.Win32.56248
Sangfor: Trojan.Win32.CFI.Gen
Alibaba: NetTool:Win32/Black.ff52f2e9
Cybereason: malicious.6fea85
Arcabit: Trojan.Zilix.1
VirIT: Trojan.Win32.Generic.OSJ
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.FlyStudio potentially unwanted
APEX: Malicious
Kaspersky: not-a-virus:HEUR:NetTool.Win32.FlyScan.gen
BitDefender: Gen:Heur.Zilix.1
NANO-Antivirus: Trojan.Win32.Black.bgyyes
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.13d4f203
Emsisoft: Trojan.Agent (A)
F-Secure: Trojan.TR/Crypt.CFI.Gen
DrWeb: Trojan.Sharer.12
VIPRE: Gen:Heur.Zilix.1
Sophos: Mal/Behav-270
Ikarus: Virus.Win32.Killreg.F
Webroot: W32.Malware.Gen
Google: Detected
Avira: TR/Crypt.CFI.Gen
Kingsoft: Win32.Troj.Undef.a
Xcitium: Malware@#2thlr4op9h3ci
Microsoft: Trojan:Win32/Wacatac.A!ml
ZoneAlarm: Packed.Win32.Black.d
GData: Gen:Heur.Zilix.1
Cynet: Malicious (score: 100)
McAfee: Artemis!615D866336AA
VBA32: BScope.Trojan.Downloader
Malwarebytes: Generic.Malware.AI.DDS
Rising: Trojan.Win32.Generic.15622213 (C64:YzY0OpXzszHDZVWU)
Yandex: Backdoor.Agent!iMXGt434Whw
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: Riskware/PackagingUntrustworthyFlyStudio
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (D)

How to remove NetTool.Win32.FlyScan?

NetTool.Win32.FlyScan removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
