About "Strictor.258849" infection

The Strictor.258849 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Strictor.258849 virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Reads data out of its own binary image
Unconventionial language used in binary resources: Spanish (Modern)
Executed a process and injected code into it, probably while unpacking
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Strictor.258849?


File Info:
crc32: 34D574F8
md5: 7f9b1a5c2a8036e2cbe9a83f12037cef
name: 7F9B1A5C2A8036E2CBE9A83F12037CEF.mlw
sha1: e2cd9c833106633964252f8241844a0b74ad6345
sha256: bac945aa0c4c42d3efd60b4192a27281ca06c48239d6e404ef6cefbe45483085
sha512: d20d660ecc72fb6838c6d06f7c14c5f5a8ddf051fee425895f9a0dbd9ae5177a460fa741811030b17b927f6c96df65785bd4de94a29c39d5e73ae1a3581533fb
ssdeep: 12288:qyaNaIYMpB44qDt4qEMeAle4q0PIbNhxm358CfTORrytP7kfPCnzJ9Ql6SdCKTS8:qyyaMAgMeOPIbNhxm358CSReBYsDMoA
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0c0a 0x04b0
LegalCopyright: Copyright xa9 2011 Nikyts software - Informxe1tica e tecnologia
InternalName: Project2
FileVersion: 1.00.0004
CompanyName: Nikyts software
LegalTrademarks: Nelson do Carmo
Comments: www.nikyts.com
ProductName: VBMovieManager
ProductVersion: 1.00.0004
FileDescription: VBMovieManager.exe
OriginalFilename: Project2.exe

Strictor.258849 also known as:

K7AntiVirus	Riskware ( 0040eff71 )
DrWeb	BackDoor.Comet.3412
Cynet	Malicious (score: 99)
CAT-QuickHeal	PUA.WacapewVMF.S20642302
ALYac	Gen:Variant.Strictor.258849
Cylance	Unsafe
Zillya	Backdoor.DarkKomet.Win32.49089
Sangfor	Trojan.Win32.Wacatac.B
CrowdStrike	win/malicious_confidence_70% (W)
Alibaba	Ransom:Win32/GandCrypt.00227853
K7GW	Riskware ( 0040eff71 )
Cyren	W32/VB.HE.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/GenKryptik.FEHU
APEX	Malicious
Avast	Win32:KeyloggerX-gen [Trj]
Kaspersky	Trojan-Ransom.Win32.GandCrypt.jmz
BitDefender	Gen:Variant.Strictor.258849
NANO-Antivirus	Trojan.Win32.Androm.iutfmi
MicroWorld-eScan	Gen:Variant.Strictor.258849
Tencent	Malware.Win32.Gencirc.10ce7dba
Ad-Aware	Gen:Variant.Strictor.258849
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZevbaF.34050.Ln2@aCU0ctN
TrendMicro	Ransom_GandCrypt.R002C0PGM21
McAfee-GW-Edition	GenericRXOI-IF!7F9B1A5C2A80
FireEye	Gen:Variant.Strictor.258849
Emsisoft	Gen:Variant.Strictor.258849 (B)
Jiangmin	Trojan.GandCrypt.anu
Avira	BDS/DarkKomet.iyani
Antiy-AVL	Trojan/Generic.ASMalwS.32C9E49
Microsoft	Trojan:Win32/Woreflint.A!cl
Arcabit	Trojan.Strictor.D3F321
GData	Gen:Variant.Strictor.258849
AhnLab-V3	Trojan/Win.Generic.R430621
McAfee	GenericRXOI-IF!7F9B1A5C2A80
MAX	malware (ai score=80)
VBA32	Backdoor.DarkKomet
Malwarebytes	Vobfus.Worm.Evasion.DDS
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom_GandCrypt.R002C0PGM21
Yandex	Backdoor.DarkKomet!lu2fxBuK2Eg
Ikarus	Trojan.Win32.Krypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/GenKryptik.FEHU!tr
AVG	Win32:KeyloggerX-gen [Trj]
Paloalto	generic.ml
Qihoo-360	Win32/Ransom.GandCrab.HgIASY4A

How to remove Strictor.258849?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Strictor.258849” infection