About “Symmi.6468 (B)” infection

Malware Removal

Symmi.6468 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Symmi.6468 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Authenticode signature is invalid

How to identify Symmi.6468 (B)?

File Info:

name: 9435115D3C96FA6604A7.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-04-04 16:54:02

Version Info:

0: [No Data]

Symmi.6468 (B) also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Symmi.6468
CAT-QuickHeal: Trojan.Generic.2919
ALYac: Gen:Variant.Symmi.6468
Cylance: Unsafe
Sangfor: [ARMADILLO V1.71]
CrowdStrike: win/malicious_confidence_60% (D)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.BlackMoon.A potentially unwanted
APEX: Malicious
ClamAV: Win.Dropper.Tiggre-9845940-0
BitDefender: Gen:Variant.Symmi.6468
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.Symmi.6468
Emsisoft: Gen:Variant.Symmi.6468 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.vh
FireEye: Generic.mg.9435115d3c96fa66
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
GData: Win32.Trojan.PSE.11N2JTZ
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.C4637795
McAfee: GenericRXAA-FA!9435115D3C96
MAX: malware (ai score=87)
VBA32: BScope.Trojan.StartPage
Malwarebytes: Malware.AI.1393444659
Rising: Trojan.Generic@AI.100 (RDMK:cmRtazr7fYj9sijLOoK/EEq9/dAt)
Ikarus: Exploit.Win32.MS
Fortinet: W32/CoinMiner.ESFJ!tr
BitDefenderTheta: Gen:NN.ZexaF.34638.aoX@aKVH8e
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.d3c96f

How to remove Symmi.6468 (B)?

Symmi.6468 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.