NSIS:SpywareX-gen [Trj] removal tips

NSIS:SpywareX-gen [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the NSIS:SpywareX-gen [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Touches a file containing cookies, possibly for information gathering

How to identify NSIS:SpywareX-gen [Trj]?


File Info:

name: 9FB4582E9D66A2371401.mlw
path: /opt/CAPEv2/storage/binaries/54993bec5339d10acd0c18446a0d8e02d96300bfa9e803462207f6f8aa6edae8
crc32: C407CF7D
md5: 9fb4582e9d66a2371401c35fd0b361c4
sha1: f52ab8a9304e0c6698150a471f0a3874497a7409
sha256: 54993bec5339d10acd0c18446a0d8e02d96300bfa9e803462207f6f8aa6edae8
sha512: bc32a213c0269c2b9ab08dace0b21b070cbad2f876479536c8e872c63234ac3899b56d90aea024174a872434cadf740156bea40fd9de2cf27498e55e26f353e2
ssdeep: 1536:ZQpQ5EP0ijnRTXJ74Romu/TIyPOmkO+BkQfIggv:ZQIURTXJ745GOkBggv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17063CF6637C5C8B7E6271A31497397FAE7F2DB0112600A576BA4AF6F2D20183DC262C5
sha3_384: 6b282134979a5b8176c3c9dfa2cfca3acfafbe832866bd78aaf923f07fd9b1b104a65faadd607f2fd844fadd1e9d72f2
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:46

Version Info:

0: [No Data]

NSIS:SpywareX-gen [Trj] also known as:

Bkav: W32.Common.09036634
Lionic: Trojan.Win32.Windigo.l!c
Skyhigh: BehavesLike.Win32.Dropper.kc
McAfee: RDN/Generic PWS.y
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Spyware.Win32.Windigo.Vl5y
Alibaba: TrojanSpy:Win32/Windigo.25cdbeb8
Cybereason: malicious.9304e0
Symantec: Trojan.Gen.MBT
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: HEUR:Trojan-Spy.Win32.Windigo.gen
Avast: NSIS:SpywareX-gen [Trj]
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.NSIS.Adload
Varist: W32/ABRisk.JBER-1979
Avira: TR/Redcap.nrfsk
Kingsoft: malware.kb.a.864
Microsoft: PUA:Win32/Caypnamer.A!ml
ZoneAlarm: HEUR:Trojan-Spy.Win32.Windigo.gen
Google: Detected
VBA32: suspected of Trojan.Downloader.gen
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H06AO24
SentinelOne: Static AI – Suspicious PE
Fortinet: Riskware/Dloader
AVG: NSIS:SpywareX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_60% (W)

How to remove NSIS:SpywareX-gen [Trj]?

NSIS:SpywareX-gen [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
