Symmi.48680 malicious file

Symmi.48680 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Symmi.48680 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Checks for the presence of known windows from debuggers and forensic tools
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Collects information to fingerprint the system

Related domains:

pointsteel.net
survey-smiles.com
ww1.survey-smiles.com

How to identify Symmi.48680?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (C)Honest Co. 2007-2015
FileVersion: 1.6.2.281
CompanyName: Honest Co.
FileDescription: Exchanging Flip Htaccess Uswcvideo Printing
LegalTrademarks: (C)Honest Co. 2007-2015
Comments: Exchanging Flip Htaccess Uswcvideo Printing
ProductName: Textbased
ProductVersion: 1.6.2.281
PrivateBuild: 1.6.2.281
Translation: 0x0409 0x04b0

Symmi.48680 also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 005420311 )
Lionic: Trojan.Win32.Azorult.4!c
Elastic: malicious (high confidence)
ALYac: Gen:Variant.Symmi.48680
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1541400
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Gen:Variant.Symmi.48680
K7GW: Trojan ( 005420311 )
Cybereason: malicious.a53d36
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GNCH
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-PSW.Win32.Azorult.adg
Alibaba: TrojanPSW:Win32/Azorult.5031cd33
NANO-Antivirus: Trojan.Win32.Azorult.ivaito
MicroWorld-eScan: Gen:Variant.Symmi.48680
Tencent: Win32.Trojan-qqpass.Qqrob.Wqcu
Ad-Aware: Gen:Variant.Symmi.48680
Sophos: Mal/Generic-S
Comodo: Malware@#39u0wtfh12xdh
BitDefenderTheta: Gen:NN.ZexaF.34170.xq0@aSJSChji
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0WEA21
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
FireEye: Generic.mg.d55892da53d3651e
Emsisoft: Gen:Variant.Symmi.48680 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.PSW.Azorult.dns
Avira: HEUR/AGEN.1115740
Antiy-AVL: Trojan/Generic.ASMalwS.299ACD1
Microsoft: Trojan:Win32/Skeeyah.A!rfn
SUPERAntiSpyware: Trojan.Agent/Gen-Loki
ZoneAlarm: Trojan-PSW.Win32.Azorult.adg
GData: Gen:Variant.Symmi.48680
TACHYON: Trojan-PWS/W32.Azorult.377344
AhnLab-V3: Malware/Win32.Generic.C2859179
Acronis: suspicious
McAfee: Artemis!D55892DA53D3
MAX: malware (ai score=100)
VBA32: BScope.TrojanRansom.Crypmod
Malwarebytes: MachineLearning/Anomalous.93%
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R002C0WEA21
Rising: Trojan.Generic@ML.89 (RDML:jDn/wE7McGog9l8w9vfkrw)
Yandex: Trojan.PWS.Azorult!ssPmjq6Gq54
Ikarus: Trojan-Ransom.GandCrab
Fortinet: W32/Kryptik.GNCH!tr
Paloalto: generic.ml

How to remove Symmi.48680?

Symmi.48680 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
