How to remove “Strictor.276708”?

Strictor.276708 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Strictor.276708 virus do?

  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Binary compilation timestomping detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Strictor.276708?


File Info:

name: E193E60E84F5CC7C51E9.mlw
path: /opt/CAPEv2/storage/binaries/79292b3263e593b5d6d813709f15e475b46234bc8cdd1f616c867d1b2177a9b6
crc32: 8942A1A1
md5: e193e60e84f5cc7c51e998419669ca9d
sha1: 86fd3ff1ede6271d514134d2c12bcdec20fa4c1b
sha256: 79292b3263e593b5d6d813709f15e475b46234bc8cdd1f616c867d1b2177a9b6
sha512: 621ab7b8fcb2a8f12ca92342a6e6412acd1fdf23806ba71a8bfbd356160485b1b9f0b23c8838cf36b655668875696d165ddda6ce2b40d5e0f7df3f39f8f64d6e
ssdeep: 49152:3PlauG5xQBvh5RibmLr9RELYUxMMC0DaCNFbFRnTFXJnT0UJvfIyZtw+W7SC0:dauG5xofimvEMUxM9qrHHFXJT0Q3w
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10AE5237A369486D4DF38867480441D3002B39C53F4F3A24AE3B57BBA19737EA653A637
sha3_384: 3369c5a72386d1db7e658a8f8901f80928b9c5db423f63f71d8dc98d4f9d1b7f0b542f0af0e4b2c006739f0051c1126f
ep_bytes: ff2500405b0000005f436f724578654d
timestamp: 2087-08-22 03:32:04

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: QLTK Vũ Đăng
FileVersion: 1.0.0.0
InternalName: QLTK Vũ Đăng.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: QLTK Vũ Đăng.exe
ProductName: QLTK Vũ Đăng
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Strictor.276708 also known as:

Lionic: Trojan.Win32.Strictor.4!c
MicroWorld-eScan: Gen:Variant.Strictor.276708
ClamAV: Win.Malware.Msilheracles-10002329-0
FireEye: Generic.mg.e193e60e84f5cc7c
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
ALYac: Gen:Variant.Strictor.276708
Malwarebytes: VMProtect.Trojan.MalPack.DDS
Zillya: Trojan.VMProtect.Win32.81182
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 7000001c1 )
Alibaba: Trojan:MSIL/VMProtBad.f33f253f
K7GW: Trojan ( 7000001c1 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/ABRisk.YYQE-8676
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Packed.VMProtect.B
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.MSIL.Agent.gen
BitDefender: Gen:Variant.Strictor.276708
NANO-Antivirus: Trojan.Win32.VMProtect.jwtipd
Avast: Win32:MalwareX-gen [Trj]
Tencent: Malware.Win32.Gencirc.13ea3510
Sophos: Mal/VMProtBad-A
F-Secure: Heuristic.HEUR/AGEN.1310005
VIPRE: Gen:Variant.Strictor.276708
TrendMicro: TROJ_GEN.R002C0REM23
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Variant.Strictor.276708 (B)
Ikarus: PUA.VMProtect
GData: Gen:Variant.Strictor.276708
Avira: HEUR/AGEN.1310005
Antiy-AVL: Trojan[Packed]/MSIL.VMProtect
Arcabit: Trojan.Strictor.D438E4
ZoneAlarm: HEUR:Trojan.MSIL.Agent.gen
Microsoft: Trojan:Win32/Conteban.A!ml
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C5245670
Acronis: suspicious
McAfee: Artemis!E193E60E84F5
MAX: malware (ai score=89)
VBA32: Downloader.MSIL.gen.rexp
Cylance: unsafe
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0REM23
Rising: Trojan.Agent!8.B1E (CLOUD)
SentinelOne: Static AI – Malicious PE
Fortinet: Riskware/Application
AVG: Win32:MalwareX-gen [Trj]
Cybereason: malicious.e84f5c
DeepInstinct: MALICIOUS

How to remove Strictor.276708?

Strictor.276708 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
