Categories: Malware

Strictor.282047 removal instruction

The Strictor.282047 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Strictor.282047 virus can do?

Behavioural detection: Executable code extraction – unpacking
Sample contains Overlay data
Presents an Authenticode digital signature
Uses Windows utilities for basic functionality
Reads data out of its own binary image
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid
Behavioural detection: Injection (inter-process)
Behavioural detection: Transacted Hollowing
Attempted to write directly to a physical drive
Attempts to modify proxy settings
Touches a file containing cookies, possibly for information gathering
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Strictor.282047?


File Info:
name: 333B5807695F5F66C5E0.mlwpath: /opt/CAPEv2/storage/binaries/88e90da1940875f30ef70bff819dd027654226141b4589d268340fd7e2908054crc32: 29E8E0D6md5: 333b5807695f5f66c5e083201a347297sha1: e1c183fadeb3a00cd035c7456b4f435b7472bf7bsha256: 88e90da1940875f30ef70bff819dd027654226141b4589d268340fd7e2908054sha512: 4aae67432a58b8cc53434ebc6b1c8d0cc99d91fe680da524e33c33eba577173e68d90212ac2c7bd0d0a427fc466a7575e3c0a835c2adedb9dfdcd9b3976a6beessdeep: 49152:4BkgabzPS4LgM04eHscpydqNB9C2O8jY93emD46TweL/PtuXHjXDGiiKbQx+xnvo:IpOP/+/UU4wu/PwXDXD0CCBnbAOtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T13036AE213A42C03AE9A10171967DEBBA586D7A310F3590D7E3C82F6F19709D37A36E17sha3_384: c8aebbe08a8c3c3592601e276c3398387963e258ab4949d1638a80eabf213b9eadfe6fdf7527dae4cbb84a3dbe17cf2dep_bytes: e8ed060000e925feffffc3558bec8b45timestamp: 2023-07-26 03:13:49
Version Info:
FileDescription: 鲁大师 硬件防护中心FileVersion: 5.1023.2400.726InternalName: ComputerZTrayLegalCopyright: 版权所有  (C) 2008-2023 www.ludashi.comOriginalFilename: ComputerZTray.exeProductName: 鲁大师 硬件防护中心ProductVersion: 5.1023.2400.726Translation: 0x0409 0x04b0

Strictor.282047 also known as:

Lionic	Trojan.Win32.Ludashi.4!c
DrWeb	Trojan.DownLoader45.64027
MicroWorld-eScan	Gen:Variant.Strictor.282047
FireEye	Gen:Variant.Strictor.282047
Skyhigh	Artemis
ALYac	Gen:Variant.Strictor.282047
Cylance	unsafe
VIPRE	Gen:Variant.Strictor.282047
BitDefender	Gen:Variant.Strictor.282047
K7GW	Adware ( 005a42db1 )
K7AntiVirus	Adware ( 005a42db1 )
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Ludashi.A potentially unwanted
NANO-Antivirus	Trojan.Win32.Ludashi.jyaajj
Rising	PUF.Ludashi!8.17698 (TFE:5:uyMZpSNRJkO)
Sophos	Qihoo 360-related low reputation certificate (PUA)
Emsisoft	Gen:Variant.Strictor.282047 (B)
MAX	malware (ai score=85)
Arcabit	Trojan.Strictor.D44DBF
GData	Gen:Variant.Strictor.282047
AhnLab-V3	Malware/Win.Generic.R601507
McAfee	Artemis!333B5807695F
DeepInstinct	MALICIOUS
Malwarebytes	PUP.Optional.ChinAd.DDS
Ikarus	PUA.Ludashi
MaxSecure	Adware.W32.Burden.gen_246358
Fortinet	Riskware/Ludashi
AVG	Win32:Malware-gen
Avast	Win32:Malware-gen