Strictor.8385 removal guide

Strictor.8385 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
A 6-day free trial is available.

What can the Strictor.8385 virus do?

  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes executed files from disk
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Strictor.8385?

File Info:

name: 02658D700DF20D5EEB39.mlw
path: /opt/CAPEv2/storage/binaries/3a772d308699b3fd543144086374c3ce15504b30b0c78ddccacc9f00befc0c1f
crc32: EBCC752A
md5: 02658d700df20d5eeb39c9e2d236036c
sha1: c6aaa23c4b52339443f07643ac73ee55a0382dab
sha256: 3a772d308699b3fd543144086374c3ce15504b30b0c78ddccacc9f00befc0c1f
sha512: b530b12d560e4ee8e6c37bef1b0924929d63970412d83cddc99a6da7e35a28110fb036679ec3cc12102ead3d59084155e243e776d3d31a24de61205540417416
ssdeep: 768:PHcpCAPMyIgufxOCCqzCMUO+ClEYVTsgJRCXbJ2Z6fnJ/GneMG9nAc76BA:oOlyO+rtgJRQcZ6fJ/ueMBKv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D153F752B68125B7EC2A9D3490D3EE3F5B20BC22D9211E5AC7C03E277831D62B925F57
sha3_384: f597d5ab7940da76488be0758f7da3fb4c77ea289744b81a39559581365660e972d8736e3330dd054a9da36e8428d5ea
ep_bytes: 5589e583ec18c7042402000000ff15c8
timestamp: 2011-05-29 14:34:50

Version Info:

CompanyName: 北京用友软件
FileDescription:
FileVersion: 6, 1, 7600, 16388
InternalName:
LegalCopyright: 北京用友软件 CopyRigth 2011
LegalTrademarks:
OriginalFilename: YONGYOU.exe
ProductName: 北京用友软件
ProductVersion: 6.1.7600.16388
Translation: 0x0804 0x04b0

Strictor.8385 also known as:

Lionic: Trojan.Win32.Dorifel.b!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Strictor.8385
ALYac: Gen:Variant.Strictor.8385
Malwarebytes: Generic.Malware/Suspicious
VIPRE: Gen:Variant.Strictor.8385
Sangfor: Dropper.Win32.Agent.V5db
K7AntiVirus: Trojan ( 004cf0d91 )
Alibaba: TrojanDropper:Win32/Dorifel.7396b812
K7GW: Trojan ( 004cf0d91 )
Cybereason: malicious.00df20
Baidu: Win32.Trojan.QQSpy.b
VirIT: Trojan.Win32.Generic.AOWZ
Cyren: W32/Trojan.EGOC-8683
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDropper.Agent.QQH
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.Strictor.8385
NANO-Antivirus: Trojan.Win32.Trojan-Dropper.ttmum
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.10b5bb52
Emsisoft: Gen:Variant.Strictor.8385 (B)
F-Secure: Heuristic.HEUR/AGEN.1343129
DrWeb: Trojan.MulDrop3.55759
Zillya: Dropper.Dorifel.Win32.4759
TrendMicro: TROJ_GEN.R002C0PB523
McAfee-GW-Edition: GenericR-EHJ!02658D700DF2
FireEye: Generic.mg.02658d700df20d5e
Sophos: Mal/Generic-S
GData: Gen:Variant.Strictor.8385
Jiangmin: TrojanDropper.Dorifel.xp
Webroot: W32.Trojan.Gen
Google: Detected
Avira: HEUR/AGEN.1343129
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Dropper]/Win32.Dorifel
Xcitium: Malware@#1t847veirchl
Arcabit: Trojan.Strictor.D20C1
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
McAfee: GenericR-EHJ!02658D700DF2
TACHYON: Trojan-Dropper/W32.Dorifel.66560.B
VBA32: Trojan.Genome.xg
Cylance: unsafe
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_GEN.R002C0PB523
Rising: Dropper.Dorifel!8.31E (TFE:5:oOYoAnPc37M)
Yandex: Trojan.GenAsa!ZysSlWEUf0E
Ikarus: Trojan-Dropper.Win32.Dorifel
MaxSecure: Trojan.Malware.4086447.susgen
Fortinet: W32/Dorifel.BTJ!tr
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Strictor.8385?

Strictor.8385 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.