About “Strictor.266485 (B)” infection

Strictor.266485 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Strictor.266485 (B) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Creates a hidden or system file
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics

How to identify Strictor.266485 (B)?


File Info:

name: EE25FC712F8231325A87.mlw
path: /opt/CAPEv2/storage/binaries/e2bd161b8784bbfcc865761ab7d7eef965770499b05e259ae85ec2e8f25c7e21
crc32: 595F42D8
md5: ee25fc712f8231325a879eadbad7370c
sha1: 6a7fef99d8543bc76a3f95d46c9ad6952ce09959
sha256: e2bd161b8784bbfcc865761ab7d7eef965770499b05e259ae85ec2e8f25c7e21
sha512: 59bc94014efcc78f759d9c6fa3fa3b79f0a6e9235ec84bfa90df517c76997c0faca43e010a82e4d625b63221748347d0bdb7427d414791fcf7f6680a57eb6035
ssdeep: 49152:6m62iMMMrffim6pmBxDZ0x+WKk/vpWvFhC3zIB3QWVdnHlIdtTN/1mpip:6L2mCimhBFGkFkHpWNhVpnFKN/1aW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12F06333BFABB374EC299423B231DDCEB61540C38BF954EBD896CA1C4099F94581E8E54
sha3_384: 6b20b5ccd13cea2697217f557d90c3deee320b950590c761119577883cf1ec98019dbeedb0d2a239f8e8536bbe4a5dc9
ep_bytes: e80ab62a006a00ff15a4e06a00c33100
timestamp: 2021-12-06 23:11:38

Version Info:

FileDescription: 7-Zip Installer
ProductName: 7-Zip
FileVersion: 21.6.0.0
ProductVersion: 21.06
LegalCopyright: Copyright (c) 1999-2021 Igor Pavlov
OriginalFilename: 7zipInstall.exe
Translation: 0x0409 0x0000

Strictor.266485 (B) also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.MSIL.Agent.i!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Strictor.266485
FireEye: Generic.mg.ee25fc712f823132
McAfee: Artemis!EE25FC712F82
Cylance: Unsafe
K7AntiVirus: Trojan ( 005825481 )
Alibaba: TrojanSpy:Win32/Quasar.50604f74
K7GW: Trojan ( 005825481 )
CrowdStrike: win/malicious_confidence_70% (W)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.FKNU
TrendMicro-HouseCall: TROJ_GEN.R002C0DL721
Paloalto: generic.ml
Kaspersky: Trojan-Spy.MSIL.Quasar.lin
BitDefender: Gen:Variant.Strictor.266485
Avast: Win32:Trojan-gen
Ad-Aware: Gen:Variant.Strictor.266485
Emsisoft: Gen:Variant.Strictor.266485 (B)
TrendMicro: TROJ_GEN.R002C0DL721
McAfee-GW-Edition: BehavesLike.Win32.TrojanVeil.wh
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Krypt
GData: Gen:Variant.Strictor.266485
Jiangmin: TrojanSpy.MSIL.cama
Avira: HEUR/AGEN.1145594
Antiy-AVL: Trojan/Win32.GenKryptik
Arcabit: Trojan.Strictor.D410F5
Microsoft: VirTool:Win32/Pucrpt.A!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R442274
Acronis: suspicious
VBA32: BScope.Trojan.Wacatac
ALYac: Gen:Variant.Strictor.266485
MAX: malware (ai score=86)
Malwarebytes: Trojan.Dropper
APEX: Malicious
Fortinet: W32/Emotet.5C62!tr
AVG: Win32:Trojan-gen
Panda: Trj/CI.A

How to remove Strictor.266485 (B)?

Strictor.266485 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
