Strictor.48413 removal

Strictor.48413 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Strictor.48413 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to identify installed analysis tools by a known file location
  • Detects the presence of Wine emulator via registry key
  • Detects VirtualBox through the presence of a device
  • Detects VMware through the presence of a device
  • Checks for a known DeepFreeze Frozen State Mutex
  • Anomalous binary characteristics

How to identify Strictor.48413?

File Info:

name: 053ABAC380A74C6EA774.mlw
path: /opt/CAPEv2/storage/binaries/95c53b53f9d1ddc6a2912d7e8cf588861748ae934fcbf11d22e4b8a68319ec79
crc32: 21BD2FA7
md5: 053abac380a74c6ea774dc35122aece2
sha1: 0b88b4167e46762426c9b9f4fd5530465129c77f
sha256: 95c53b53f9d1ddc6a2912d7e8cf588861748ae934fcbf11d22e4b8a68319ec79
sha512: eef1d562e6b29373e022d1ddd3f3cbf936d98cb0c59fed0eacc0f24d95fd01c75e84fd0c1886755cea364a6bf51003251b37a5d65da7e638c3971f9ba853467e
ssdeep: 6144:GiivfdxwOntVbtjQ8EoeLLs4aXTWQvwEpm3qKhCQ:GX3dxXtptjQZLzaDWEYaK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F644C044B3E4D036F5C600368E61E2904E357C364766BCDFE7E1229AEAB49A5F909337
sha3_384: 277eb32a23786fc3a923ed6ea27123a625e46999f56e65b9b7f16a57328179d23316112f38475fec7c76bd0e4310c5ce
ep_bytes: e868660000e989feffff8bff558bec81
timestamp: 2013-12-30 15:46:40

Version Info:

CompanyName: TrumpleDev Software
FileDescription: Query Mva Policy Analyzator
FileVersion: 3.5.1.1
InternalName: QMEsa Analyzator
LegalCopyright: Copyright (C) 2013 TrumpleDev Software
OriginalFilename: QMEsa Analyzator
ProductName: Query Mva Policy Analyzator
ProductVersion: 3.5.1.1
Translation: 0x0409 0x04b0

Strictor.48413 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Foreign.j!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Strictor.48413
FireEye: Generic.mg.053abac380a74c6e
ALYac: Gen:Variant.Strictor.48413
Sangfor: Trojan.Win32.Generic.8
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
BitDefenderTheta: Gen:NN.ZexaF.34682.ru0@aGx3hNpi
VirIT: Trojan.Win32.Generic.BDNS
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.BSDG
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Strictor.48413
NANO-Antivirus: Trojan.Win32.RiskGen.cshvck
SUPERAntiSpyware: Trojan.Agent/Gen-Malagent
Avast: Win32:Kryptik-NGG [Trj]
Tencent: Malware.Win32.Gencirc.114b9136
Ad-Aware: Gen:Variant.Strictor.48413
TACHYON: Trojan/W32.Foreign.278528.J
Emsisoft: Gen:Variant.Strictor.48413 (B)
Comodo: TrojWare.Win32.Foreign.AA@844vlh
DrWeb: Trojan.PWS.Panda.2401
VIPRE: Gen:Variant.Strictor.48413
McAfee-GW-Edition: BehavesLike.Win32.Emotet.dc
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-PWS.Win32.Zbot.AJB
Jiangmin: Trojan/Foreign.uyi
Avira: HEUR/AGEN.1210195
Antiy-AVL: Trojan/Generic.ASMalwS.3E7
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Strictor.48413
Google: Detected
AhnLab-V3: Trojan/Win32.Zbot.R96215
McAfee: GenericR-DAY!053ABAC380A7
MAX: malware (ai score=88)
VBA32: Hoax.Foreign
Rising: Malware.Undefined!8.C (TFE:5:u7uiHnX5vOQ)
Yandex: Trojan.Foreign!KKiKu7gRZTA
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Zbot.PKDP!tr
AVG: Win32:Kryptik-NGG [Trj]
Cybereason: malicious.380a74
Panda: Trj/Genetic.gen

How to remove Strictor.48413?

Strictor.48413 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.