Malware

Strictor.109938 removal

Malware Removal

Strictor.109938 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Strictor.109938 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard page use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to identify Strictor.109938?

File Info:

name: 0D5E1B01B68FBAA32B93.mlw
path: /opt/CAPEv2/storage/binaries/72d361a644a0e10d0702077508e6783486264a16b096f5db0be8920a568386f7
crc32: DCBD1678
md5: 0d5e1b01b68fbaa32b935768496ce5d0
sha1: 408dc310945b66929b8fd456c79012d5fa7e2330
sha256: 72d361a644a0e10d0702077508e6783486264a16b096f5db0be8920a568386f7
sha512: 924ba46b682ee804b815bc0e182fa010b764f164fdab8bdc226d45160ceb0f3c7202b8e6168d4b8db07d54d8291571258ab87fa846b680b40d12d1b2ac55b273
ssdeep: 192:A0LYSvCTVisnlYJLLLTA/nH74ofWNCbb+2XX66fcFYvzp:A0LdCTgJPLTA/UJR6fcOvz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A122C7160BC0C1B5EB26B373F85367F35762CC44EB12631B0510BD69B8B2AC106B55B2
sha3_384: 57c4edf33f11b2663796ac05defe59eb57e729c6d2c8dc65922e75be5909d8664931e230bb29019eb6bed203edd0a06e
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-11-26 03:06:38

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: Google Chrome.exe
LegalCopyright:
OriginalFilename: Google Chrome.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Strictor.109938 also known as:

  • Lionic: Trojan.Win32.Genome.lxQR
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Strictor.109938
  • FireEye: Generic.mg.0d5e1b01b68fbaa3
  • CAT-QuickHeal: Trojan.MSIL
  • ALYac: Gen:Variant.Strictor.109938
  • Cylance: Unsafe
  • Zillya: Trojan.Hesv.Win32.1641
  • K7AntiVirus: Trojan ( 00528e2c1 )
  • Alibaba: Trojan:MSIL/Generic.e1be9907
  • K7GW: Trojan ( 00528e2c1 )
  • CrowdStrike: win/malicious_confidence_100% (W)
  • BitDefenderTheta: Gen:NN.ZemsilF.34232.am0@aGkr8on
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: a variant of Generik.IVTYVMJ
  • APEX: Malicious
  • Avast: Win32:Malware-gen
  • Kaspersky: HEUR:Trojan.MSIL.Hesv.gen
  • BitDefender: Gen:Variant.Strictor.109938
  • NANO-Antivirus: Trojan.Win32.Hesv.icjubw
  • Tencent: Msil.Trojan.Hesv.Gvu
  • Ad-Aware: Gen:Variant.Strictor.109938
  • Emsisoft: Gen:Variant.Strictor.109938 (B)
  • VIPRE: Trojan.Win32.Generic!BT
  • TrendMicro: TROJ_GEN.R002C0PB622
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.lm
  • Trapmine: suspicious.low.ml.score
  • Sophos: Mal/Generic-S
  • Paloalto: generic.ml
  • GData: Gen:Variant.Strictor.109938
  • Avira: TR/Hesv.wksxa
  • Gridinsoft: Ransom.Win32.Bladabindi.sa
  • Arcabit: Trojan.Strictor.D1AD72
  • ViRobot: Trojan.Win32.Z.Hesv.10752.CB
  • Microsoft: Trojan:Win32/Ymacco.AA3A
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Malware/Win32.RL_Generic.R283210
  • McAfee: GenericRXGT-XU!0D5E1B01B68F
  • MAX: malware (ai score=80)
  • VBA32: TScope.Trojan.MSIL
  • Malwarebytes: Trojan.Agent.V
  • TrendMicro-HouseCall: TROJ_GEN.R002C0PB622
  • Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:fL3i027PEjp888CqB3Fbnw)
  • Yandex: Trojan.Hesv!xd2QUOHerYg
  • SentinelOne: Static AI – Malicious PE
  • Fortinet: MSIL/Hesv.XU!tr
  • AVG: Win32:Malware-gen
  • Cybereason: malicious.1b68fb
  • Panda: Trj/CI.A

How to remove Strictor.109938?

Strictor.109938 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.