About “Strictor.148805” infection

Strictor.148805 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Strictor.148805 virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • Spoofs its process name and/or associated pathname to appear as a legitimate process
  • Attempts to interact with an Alternate Data Stream (ADS)

How to identify Strictor.148805?


File Info:

crc32: DA8DA102
md5: 3fd87d0b4e31c79599ad8c10bac54ba2
name: rabochiy_chit_na_warface_fd3-d87___.exe
sha1: a004981689997fe2ccafba72184638a83136a1ad
sha256: f65beaf261fe200488bb25b11df594ec665e34ee707072bf91964fe6fabc54fb
sha512: 5ed3046bbc6edab413c5fc08011c4b6c337614de0a6352a9afc4edfe1e9aaed808a40ff22a4a6f2d163801ffc82535d17ccab4418f50b653118268c17c94a531
ssdeep: 24576:rJq0MNvT8dKsllU84N2nb+NDe15Qd5ZbxKlt+Tt7J/:rJql9TOh4fDePQLZbxTt7J
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2017
ProductVersion: 1, 0, 20, 1745
FileVersion: 1, 0, 20, 1745
ProductName: JSON XML Parcer Application
Translation: 0x0409 0x04b0

Strictor.148805 also known as:

MicroWorld-eScan Gen:Variant.Strictor.148805
FireEye Generic.mg.3fd87d0b4e31c795
McAfee Packed-LZ.d!3FD87D0B4E31
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
K7AntiVirus Trojan ( 00518b421 )
BitDefender Gen:Variant.Strictor.148805
K7GW Trojan ( 00518b421 )
Cybereason malicious.b4e31c
TrendMicro TROJ_GEN.R002C0PEG19
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
GData Gen:Variant.Strictor.148805
Kaspersky not-a-virus:HEUR:AdWare.Win32.FileTour.gen
Alibaba Trojan:Win32/Kryptik.263e3851
NANO-Antivirus Trojan.Win32.GenKryptik.etizgo
Rising Trojan.Generic@ML.99 (RDMK:CrYQtaOlFNYJ43KkVb72Ww)
Ad-Aware Gen:Variant.Strictor.148805
Sophos Mal/Generic-S
Comodo Application.Win32.Bundler.BDE@6p0op3
F-Secure Trojan.TR/Crypt.ZPACK.Gen
DrWeb Trojan.LoadMoney.2499
Zillya Adware.FileTour.Win32.47908
Invincea heuristic
McAfee-GW-Edition Packed-LZ.d!3FD87D0B4E31
Trapmine malicious.high.ml.score
Emsisoft Gen:Variant.Strictor.148805 (B)
SentinelOne DFI – Malicious PE
Jiangmin AdWare.FileTour.kwy
Avira TR/Crypt.ZPACK.Gen
MAX malware (ai score=100)
Antiy-AVL GrayWare[AdWare]/Win32.AdLoad
Endgame malicious (high confidence)
ZoneAlarm not-a-virus:HEUR:AdWare.Win32.FileTour.gen
Microsoft SoftwareBundler:Win32/Ogimant
AhnLab-V3 Adware/Win32.AdLoad.C2189486
ALYac Gen:Variant.Strictor.148805
VBA32 Malware-Cryptor.Kirgudu
Panda Trj/CI.A
ESET-NOD32 a variant of Win32/Kryptik.FXPH
TrendMicro-HouseCall TROJ_GEN.R002C0PEG19
Tencent Win32.Trojan.Falsesign.Lplw
Yandex PUA.AdLoad!
Ikarus PUA.LoadMoney
Fortinet W32/GenKryptik.AWMO!tr
AVG Win32:DangerousSig [Trj]
Avast Win32:DangerousSig [Trj]
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Win32/Virus.Adware.d36

How to remove Strictor.148805?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
