Malware

About “Symmi.6732” infection

Malware Removal

The Symmi.6732 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Symmi.6732 virus can do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Creates an autorun.inf file
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to determine Symmi.6732?



File Info:

crc32: 649BBBEF
md5: 971b824c5d61148cda3db5faf2b7f31e
name: 971B824C5D61148CDA3DB5FAF2B7F31E.mlw
sha1: f1555098714b282823a349978e03cf530bdaa15d
sha256: 013c85cddf7ea77718d354e427fe048ee905e696b8fbe5d92457a41c29feea63
sha512: 0f91b06b5920c7c07921c1a74cc7c40240fe56a78b686633ef601c2bbab7193fbfdfe816090fe8d384c732389178cc032203e9e6a5d557e40690c58da2bbf857
ssdeep: 24576:ih9brn/FG9Pwrn/POzMQGEvGEjgnUrelTfz2al9uSReygfc/C8cU:ihJrn/w9Pwrn/POzMQGEvGEjgnGet5z7
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: x6587x4ef6x5939 x7248x6743x6240x6709
FileVersion: 1.0.0.0
CompanyName: x6587x4ef6x5939
Comments: x6587x4ef6x5939
ProductName: x6587x4ef6x5939
ProductVersion: 1.0.0.0
FileDescription: x6587x4ef6x5939
Translation: 0x0804 0x04b0

Symmi.6732 also known as:

BkavW32.FlyStudioTn.Heur
TotalDefenseWin32/SillyAutorun.ALB
MicroWorld-eScanGen:Variant.Symmi.6732
nProtectTrojan-PWS/W32.QQPass.1148978
CMCTrojan-PSW.Win32.QQPass!O
CAT-QuickHealTrojanPWS.QQpass.CI5
ALYacGen:Variant.Symmi.6732
MalwarebytesTrojan.FlyStudio
ZillyaTrojan.QQPass.Win32.21831
K7AntiVirusAdware ( 004b897e1 )
K7GWAdware ( 004b897e1 )
TheHackerTrojan/Downloader.Flystudio.gen
BaiduWin32.Trojan-PSW.QQPass.a
CyrenW32/FlyStudio.A.gen!Eldorado
SymantecW32.Daprosy
ESET-NOD32a variant of Win32/AutoRun.FlyStudio.ZG
TrendMicro-HouseCallBKDR_AGENT.AVSQ
AvastWin32:AutoRun-BFZ [Wrm]
ClamAVWin.Trojan.Agent-111655
KasperskyTrojan-PSW.Win32.QQPass.spa
BitDefenderGen:Variant.Symmi.6732
NANO-AntivirusTrojan.Win32.Agent.eaxqus
SUPERAntiSpywareTrojan.Agent/Gen-SmallDoor
Ad-AwareGen:Variant.Symmi.6732
SophosMal/PWSDLL-B
ComodoTrojWare.Win32.Agent.pkd
F-SecureTrojan:W32/Agent.DQOD
DrWebTrojan.KillProc.17623
VIPREBackdoor.Win32.FlyAgent.h (v)
McAfee-GW-EditionBehavesLike.Win32.Backdoor.tc
EmsisoftGen:Variant.Symmi.6732 (B)
F-ProtW32/FlyStudio.A.gen!Eldorado
JiangminTrojan/PSW.QQPass.qza
AviraTR/Crypt.CFI.Gen
Antiy-AVLTrojan[PSW]/Win32.QQPass.spa
MicrosoftPWS:Win32/QQpass.CI
ArcabitTrojan.Symmi.D1A4C
AegisLabTroj.PSW32.W.QQPass.spa!c
GDataGen:Variant.Symmi.6732
AhnLab-V3HEUR/Fakon.mwf
McAfeeBackDoor-DRV.gen.c
AVwareBackdoor.Win32.FlyAgent.h (v)
VBA32Backdoor.BlackHole
PandaTrj/FlyStudio.CR
ZonerI-Worm.AutoRun.FlyStudio.YZ
TencentTrojan.Win32.QQPass.n
YandexTrojan.QQPass.Gen.DM
IkarusTrojan.Win32.FlyAgent
FortinetW32/QQPass.GLE!tr.pws
AVGBackDoor.FlyAgent.D
Baidu-InternationalTrojan.Win32.InfoStealer.spa
Qihoo-360Worm.Win32.FakeFolder.DR

How to remove Symmi.6732?

Symmi.6732 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment