Risktool.Flystudio.16024 removal tips

Risktool.Flystudio.16024 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Risktool.Flystudio.16024 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Risktool.Flystudio.16024?


File Info:

name: 869CCD204BB19DE3314A.mlw
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 2011-11-25 18:47:35

Version Info:

FileVersion: 1.0.0.0
FileDescription: CL
ProductName: CL
ProductVersion: 1.0.0.0
CompanyName: CL
LegalCopyright: CL
Comments: CL
Translation: 0x0804 0x04b0

Risktool.Flystudio.16024 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.lwgB
Elastic: Windows.Generic.Threat
CAT-QuickHeal: Risktool.Flystudio.16024
Skyhigh: BehavesLike.Win32.Generic.th
Cylance: unsafe
Sangfor: Trojan.Win32.FlyStudio.Vk7o
K7AntiVirus: Adware ( 004b87ea1 )
K7GW: Adware ( 004b87ea1 )
BitDefenderTheta: Gen:NN.ZedlaF.36804.ov8@ainm2npb
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/FlyStudio.HackTool.A potentially unwanted
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
Avast: Win32:Malware-gen
Rising: Virus.Cena!1.E703 (CLASSIC)
FireEye: Generic.mg.869ccd204bb19de3
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Malicious PE
Google: Detected
Antiy-AVL: RiskWare/Win32.FlyStudio.a
Kingsoft: malware.kb.a.1000
Xcitium: TrojWare.Win32.Agent.OSCF@5rs7jr
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Win32.Trojan.BSE.1L19CCX
Varist: W32/Agent.EW.gen!Eldorado
McAfee: Artemis!869CCD204BB1
VBA32: BScope.Trojan.Downloader
Malwarebytes: Generic.Malware.AI.DDS
Yandex: Trojan.GenAsa!rqOBly5Lp+Y
Ikarus: Trojan-Downloader
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: Riskware/QQTen
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Risktool.Flystudio.16024?

Risktool.Flystudio.16024 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
