
Strictor.150770 malicious file


Strictor.150770 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Strictor.150770 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Strictor.150770?


File Info:

name: D41DADA70783F40CDF25.mlw
path: /opt/CAPEv2/storage/binaries/7b3d28fac956dca6a3e79b45cae2f4b87a1c944e0487afae40f316779d21084d
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-08-08 05:40:07

Version Info:

CompanyName: A little carp
FileVersion: 1.0.0.0
LegalCopyright: A little carp
LegalTrademarks: A little carp
ProductVersion: 1.0.0.0
ProgramID: com.embarcadero.LocalServer
FileDescription: LocalServer
ProductName: LocalServer
Translation: 0x0409 0x04e4

Strictor.150770 is also known as:

DrWeb: Trojan.Siggen12.42945
MicroWorld-eScan: Gen:Variant.Strictor.150770
FireEye: Generic.mg.d41dada70783f40c
ALYac: Gen:Variant.Strictor.150770
Cylance: Unsafe
Cybereason: malicious.70783f
Cyren: W32/Trojan.DYWN-5449
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R002H09A422
Kaspersky: HEUR:Trojan.Win32.APosT.gen
BitDefender: Gen:Variant.Strictor.150770
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.Strictor.150770
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.rc
Emsisoft: Gen:Variant.Strictor.150770 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Strictor.150770
Avira: TR/Redcap.nkpjl
MAX: malware (ai score=84)
Kingsoft: Win32.Troj.Undef.(kcloud)
Arcabit: Trojan.Strictor.D24CF2
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4488409
McAfee: Artemis!D41DADA70783
VBA32: TScope.Trojan.Delf
APEX: Malicious
Rising: Trojan.APosT!8.E271 (CLOUD)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:TrojanX-gen [Trj]
Panda: Trj/GdSda.A

How to remove Strictor.150770?

Strictor.150770 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
