How to remove “Strictor.59732”?

Strictor.59732 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Strictor.59732 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Harvests cookies for information gathering
  • Creates known XtremeRAT mutexes
  • Anomalous binary characteristics

How to identify Strictor.59732?

File Info:

name: B086A2A5C8D526E7BE90.mlw
path: /opt/CAPEv2/storage/binaries/2e806b7ba57df1b44cb2d48e84942f7843c884bdb24c80635443f03ae84a5dcb
crc32: 3C011223
md5: b086a2a5c8d526e7be90613f33d1aa8e
sha1: 0be01d789933abfcf32f938666e8ed0345e4c11c
sha256: 2e806b7ba57df1b44cb2d48e84942f7843c884bdb24c80635443f03ae84a5dcb
sha512: 93661d15b10f58e953bd057829b88cdafdf5a3b2d43b46554ef85b25f8c7f777104852d0096c4a243950791f89f286bf9f4d116a6388c91134eb8bbc5475eae6
ssdeep: 49152:LJZoQrbTFZY1iaEpX5cR87HSS/fREnTwS0OZtEQi1:LtrbTA1wd5ci3REyOi1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18375D011A8C580A4C9662F30D937FE65123F7E3A6E7DF6DB5FC839210B730C1652A626
sha3_384: d888023a40ba0a666184eb9214be34c1f3324703cfd303f6d368ee603e5f6a010dac197b4a4903c8ae37bc60fa365875
ep_bytes: e816900000e989feffffcccccccccc55
timestamp: 2012-01-29 21:32:28

Version Info:

FileDescription:
FileVersion: 3, 3, 8, 1
CompiledScript: AutoIt v3 Script: 3, 3, 8, 1
Translation: 0x0809 0x04b0

Strictor.59732 also known as:

Vendor                  Detection name
Bkav                    W32.AIDetect.malware2
Lionic                  Trojan.Win32.Agent.a!c
tehtris                 Generic.Malware
MicroWorld-eScan        Gen:Variant.Strictor.59732
FireEye                 Generic.mg.b086a2a5c8d526e7
CAT-QuickHeal           TrojanPWS.AutoIt.Zbot.S
McAfee                  Artemis!B086A2A5C8D5
Cylance                 Unsafe
VIPRE                   Gen:Variant.Strictor.59732
Sangfor                 Trojan.Win32.AutInject.8
K7AntiVirus             Trojan ( 700000111 )
Alibaba                 TrojanDownloader:AutoIt/AutInject.d9af32ad
K7GW                    Trojan ( 700000111 )
CrowdStrike             win/malicious_confidence_100% (W)
Cyren                   W32/AutoIt.WH.gen!Eldorado
Symantec                Trojan.Zbot
Elastic                 malicious (high confidence)
ESET-NOD32              a variant of Win32/Injector.Autoit.AHN
APEX                    Malicious
Paloalto                generic.ml
Cynet                   Malicious (score: 100)
Kaspersky               Trojan-Downloader.Win32.Agent.hehb
BitDefender             Gen:Variant.Strictor.59732
NANO-Antivirus          Trojan.Script.Agent.debxai
Avast                   Win32:GenMalicious-ID [Trj]
Tencent                 Win32.Trojan-Downloader.Agent.Vwhl
Ad-Aware                Gen:Variant.Strictor.59732
Emsisoft                Gen:Variant.Strictor.59732 (B)
Comodo                  Malware@#23qwjlxhj8j7m
DrWeb                   Trojan.PWS.Panda.655
TrendMicro              TROJ_UTOTI.TYZAS
McAfee-GW-Edition       BehavesLike.Win32.Dropper.tc
Trapmine                malicious.high.ml.score
Sophos                  Mal/Generic-R + Troj/Autoit-AHR
GData                   Gen:Variant.Strictor.59732
Jiangmin                TrojanDownloader.Agent.ewbt
Webroot                 W32.Malware.Gen
Avira                   HEUR/AGEN.1229385
Antiy-AVL               Trojan/Generic.ASBOL.C6D6
Kingsoft                Win32.Troj.Scarsi.v.(kcloud)
Microsoft               Trojan:Win32/AutInject
Google                  Detected
BitDefenderTheta        AI:Packer.7C4A4CA216
ALYac                   Gen:Variant.Strictor.59732
MAX                     malware (ai score=99)
VBA32                   Backdoor.Autoit.RAT
TrendMicro-HouseCall    TROJ_UTOTI.TYZAS
Rising                  Trojan.Obfus/Autoit!1.E028 (CLASSIC)
Ikarus                  Trojan.Win32.Injector
MaxSecure               Trojan.Autoit.AZA
Fortinet                W32/Injector_Autoit.AGT!tr
AVG                     Win32:GenMalicious-ID [Trj]
Cybereason              malicious.5c8d52
Panda                   Trj/CI.A

How to remove Strictor.59732?

Strictor.59732 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
