Strictor.266485 malicious file

Strictor.266485 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Strictor.266485 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Creates a hidden or system file
  • CAPE detected the QuasarRAT malware family
  • Anomalous binary characteristics

How to identify Strictor.266485?


File Info:

name: F46C86D6205C133DF739.mlw
path: /opt/CAPEv2/storage/binaries/7fdd18139a8bf0a150bf07eeedc1d1aa7d266a62f29ef15409a8cfdb9ebc5058
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-12-03 22:40:24

Version Info:

FileDescription: 7-Zip Installer
ProductName: 7-Zip
FileVersion: 21.6.0.0
ProductVersion: 21.06
LegalCopyright: Copyright (c) 1999-2021 Igor Pavlov
OriginalFilename: 7zipInstall.exe
Translation: 0x0409 0x0000

Strictor.266485 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.MSIL.Quasar.l!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.f46c86d6205c133d
McAfee: GenericRXQJ-SK!F46C86D6205C
Cylance: Unsafe
K7AntiVirus: Trojan ( 005825481 )
Alibaba: TrojanSpy:Win32/Quasar.f0020c0e
K7GW: Trojan ( 005825481 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.FKNU
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: Trojan-Spy.MSIL.Quasar.lho
BitDefender: Gen:Variant.Strictor.266485
MicroWorld-eScan: Gen:Variant.Strictor.266485
Tencent: Win32.Trojan.Genkryptik.Ecae
Ad-Aware: Gen:Variant.Strictor.266485
Emsisoft: Gen:Variant.Strictor.266485 (B)
DrWeb: Trojan.Siggen15.64499
TrendMicro: TROJ_GEN.R002C0DL621
McAfee-GW-Edition: GenericRXQJ-SK!F46C86D6205C
Sophos: Mal/Generic-S
Paloalto: generic.ml
GData: Gen:Variant.Strictor.266485
Jiangmin: Hoax.BAT.aq
Avira: HEUR/AGEN.1145594
Gridinsoft: Ransom.Win32.Wacatac.sa
Arcabit: Trojan.Strictor.D410F5
Microsoft: VirTool:Win32/Pucrpt.A!MTB
AhnLab-V3: Trojan/Win.Generic.R442274
Acronis: suspicious
ALYac: Gen:Variant.Strictor.266485
MAX: malware (ai score=87)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Trojan.Dropper
TrendMicro-HouseCall: TROJ_GEN.R002C0DL621
Ikarus: Trojan.Win32.Krypt
Fortinet: W32/Emotet.5C62!tr
AVG: Win32:Trojan-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Strictor.266485?

Strictor.266485 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
