About “Trojan.Dropper.RQU.li0fayFSwfmi” infection

The Trojan.Dropper.RQU.li0fayFSwfmi is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Dropper.RQU.li0fayFSwfmi virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan.Dropper.RQU.li0fayFSwfmi?


File Info:
name: 3C45B9B5344D74980780.mlw
path: /opt/CAPEv2/storage/binaries/16074914f17ab9a68c3152e42ecbc8c4667b0efd3ffde9a699603bb5915b39c2
crc32: 56CE8B50
md5: 3c45b9b5344d74980780f2249b2d8795
sha1: 038c38b959ca7c5e6f69a3837bf61861a8499de1
sha256: 16074914f17ab9a68c3152e42ecbc8c4667b0efd3ffde9a699603bb5915b39c2
sha512: 080527fa3f7b76fa1c1f28e62d47c62b828f1fd7b51a148ed1a39258559c6de428a448e6c9aa959104bdb18ab94b1ce7b7cd891c2e599c96214525042a0488ea
ssdeep: 3072:GUz0RSXCVPWo9YeVq//6OBlU3DVJrJ5l3B+8BoN4QCt9Hvx+F1y:ERQCJBYKq/y2lU3/l36c1F
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T196041267C944FE71E12E8C774A174E681BB9D26E33585F678301097FBE203E3AE81A14
sha3_384: 7816bdd9893231ad772d22250cb98f2eb492d87e179afb906b1f4461f89314c89ddd042ef62354b9941eabbe530501f1
ep_bytes: b8807047005064ff3500000000648925
timestamp: 2014-10-01 03:17:41

Version Info:
Comments: AutoLogin VLTK Game
CompanyName: VulanPro
FileDescription: VulanLogin (AGTOOL.NET)
FileVersion: 1.0
InternalName: VulanLogin
LegalCopyright: Copyright (C) 2014
OriginalFilename: VulanLogin.exe
ProductName: VulanLogin Application
ProductVersion: 4.xx
Translation: 0x0409 0x04b0

Trojan.Dropper.RQU.li0fayFSwfmi also known as:

Lionic	Trojan.Multi.Generic.4!c
AVG	Win32:Malware-gen
MicroWorld-eScan	Gen:Trojan.Dropper.RQU.li0fayFSwfmi
FireEye	Gen:Trojan.Dropper.RQU.li0fayFSwfmi
Skyhigh	GenericRXKU-IV!59F9717E3B77
McAfee	Artemis!3C45B9B5344D
Cylance	unsafe
Zillya	Tool.GameHack.Win32.11179
Sangfor	Riskware.Win32.Agent.ky
K7AntiVirus	Riskware ( 004e19d31 )
Alibaba	RiskWare:Win32/Generic.5b34c52c
K7GW	Riskware ( 004e19d31 )
Cybereason	malicious.5344d7
BitDefenderTheta	Gen:NN.ZexaF.36802.li0fayFSwfmi
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/RiskWare.GameHack.AP
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Trojan.Dropper.RQU.li0fayFSwfmi
VIPRE	Gen:Trojan.Dropper.RQU.li0fayFSwfmi
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Trojan.Dropper.RQU.li0fayFSwfmi (B)
MAX	malware (ai score=81)
Antiy-AVL	RiskWare/Win32.Gamehack
Kingsoft	malware.kb.a.999
Microsoft	PUA:Win32/Keygen
Arcabit	Trojan.Dropper.RQU.li0fayFSwfmi
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Gen:Trojan.Dropper.RQU.li0fayFSwfmi
Google	Detected
AhnLab-V3	Malware/Win32.Generic.C4130690
VBA32	BScope.Trojan.Tiggre
ALYac	Gen:Trojan.Dropper.RQU.li0fayFSwfmi
Panda	Trj/CI.A
Rising	Malware.Undefined!8.C (TFE:5:bX3pnFhzUNB)
Yandex	Trojan.GenAsa!0zL25fi3nwo
Ikarus	PUA.RiskWare.GameHack
DeepInstinct	MALICIOUS

How to remove Trojan.Dropper.RQU.li0fayFSwfmi?

Trojan.Dropper.RQU.li0fayFSwfmi removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X