Sf:FiestaEK-A removal tips

Sf:FiestaEK-A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Sf:FiestaEK-A virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Possible date expiration check, exits too soon after checking local time
  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid

How to identify Sf:FiestaEK-A?

File Info:

name: 2C3487A53A4DC75191BA.mlw
path: /opt/CAPEv2/storage/binaries/c0e5a0cb7df18d8a48bd5f3f0af4ea3452773ec796f42e98f9221ea735653689
crc32: F109B73C
md5: 2c3487a53a4dc75191ba3d051421794c
sha1: f2604c16b8c630bae44b6051b79f4679c8796939
sha256: c0e5a0cb7df18d8a48bd5f3f0af4ea3452773ec796f42e98f9221ea735653689
sha512: 22b2f33a4150b839b43939b01c836945361d06577084a41978ce923ab324a66b67fcd157b50e835f71ffe673d909cff9d5f488a0169e8ce2af5518281548913f
ssdeep: 768:M8AQ5q+z46dopMwBshM1UVqU34Jdz5vOKh:M7+0A051UVqY4X9OKh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F6034B0FED878033EB9508710ABB83458B7EBC5237D5286B7B90765E1F70790D95B06A
sha3_384: 1911c37e33a71f1e46872940ef125167dcd5165351b191d7521b75cd4141d15ee0831bad03f2784725a20876fb0fe1f3
ep_bytes: e881040000e936fdffff8bff558bec81
timestamp: 2022-02-03 03:42:05

Version Info:

ProductVersion: 1, 0, 0, 1
Translation: 0x0409 0x04b0

Sf:FiestaEK-A also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
FireEye: Generic.mg.2c3487a53a4dc751
CAT-QuickHeal: Trojan.Panot.100160
McAfee: GenericRXAA-FA!2C3487A53A4D
Cylance: Unsafe
Cyren: W32/Agent.DFP.gen!Eldorado
ESET-NOD32: a variant of Win32/TrojanDownloader.Small.BHI
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Agent.gen
BitDefender: Gen:Variant.Fragtor.22492
MicroWorld-eScan: Gen:Variant.Fragtor.22492
Avast: Sf:FiestaEK-A
Emsisoft: Gen:Variant.Fragtor.22492 (B)
TrendMicro: Mal_DLDER
McAfee-GW-Edition: BehavesLike.Win32.BadFile.nm
Sophos: Generic ML PUA (PUA)
Avira: TR/Downloader.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: UDS:Trojan-GameThief.Win32.Latot.gen
GData: Gen:Variant.Fragtor.22492
VBA32: BScope.Trojan.Agent
MAX: malware (ai score=82)
Malwarebytes: Malware.AI.1602202317
TrendMicro-HouseCall: Mal_DLDER
Rising: Malware.Undefined!8.C (TFE:dGZlOgVGuIu906ZKKg)
Ikarus: Trojan-Downloader.Win32.Small
BitDefenderTheta: Gen:NN.ZexaF.34182.cq0@a0DP9CmO
AVG: Sf:FiestaEK-A

How to remove Sf:FiestaEK-A?

Sf:FiestaEK-A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
