
How to remove “Trojan.ExplorerHijack.dmGfaKe3Q3o”?

The Trojan.ExplorerHijack.dmGfaKe3Q3o is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.ExplorerHijack.dmGfaKe3Q3o virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.ExplorerHijack.dmGfaKe3Q3o?

File Info:

name: 6CB5C36873EE2C4A7F77.mlw
path: /opt/CAPEv2/storage/binaries/19fe41dfa00a1686dac4f52d84dcdb4a60bb064653038735340fa1fbe35e8f71
crc32: CD493FE4
md5: 6cb5c36873ee2c4a7f774b07037bbd90
sha1: 8239e5bf6a79b2b662381d5478035bf145982e92
sha256: 19fe41dfa00a1686dac4f52d84dcdb4a60bb064653038735340fa1fbe35e8f71
sha512: 9ae140ec44c6cfd6b51ae87649c7f7fa518e828a28ce89704a7bd9e9d603e7d2db1720c2ad1b4a7f79c16a6267a523e0193036aa487b29b012b47d0b5f6b39f2
ssdeep: 1536:WfEUf+qdxl/Bc9YlL9XN1+ybLbw6CRwVjBYBmvo/3Y:WcUfbdXccL9XZbgiVymQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13A53022FF6294AC4D2474E34D29BD7B232D762419DB9441E63F301C134EF01E7AEA499
sha3_384: a6342bad755cd7e8fb4ccc37c3aaf910f685beb1983f5d6aea2860d669839673c62fb20014b5f023024c8f3079e530f3
ep_bytes: 60be001041008dbe0000ffff5783cdff
timestamp: 2011-11-08 02:52:03

Version Info:

0: [No Data]

Trojan.ExplorerHijack.dmGfaKe3Q3o also known as (vendor: detection name):

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o
FireEye: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o
Malwarebytes: Malware.Heuristic.1003
VIPRE: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Backdoor:Win32/Poison.9c65e648
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.873ee2
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Inject.deyw
BitDefender: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o
NANO-Antivirus: Trojan.Win32.Inject.dgjxgd
Avast: Win32:TrojanX-gen [Trj]
Tencent: Win32.Trojan.Inject.Pjgl
Ad-Aware: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o
Emsisoft: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o (B)
Comodo: TrojWare.Win32.GameThief.Magania.~NWABX@187zwk
DrWeb: Trojan.Inject.56952
Zillya: Trojan.Inject.Win32.37719
TrendMicro: BKDR_POISON.SM3
McAfee-GW-Edition: BehavesLike.Win32.Picsys.qc
Trapmine: malicious.high.ml.score
Sophos: Troj/Agent-VGB
SentinelOne: Static AI – Malicious PE
GData: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o
Jiangmin: Trojan/Inject.abbz
Webroot: W32.Injector.Gen
Avira: BDS/Poison.BG.9
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Kingsoft: Win32.Troj.Generic.a.(kcloud)
Arcabit: Trojan.ExplorerHijack.dmGfaKe3Q3o
ViRobot: Trojan.Win32.A.Inject.60928.A[UPX]
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Agent.R23630
BitDefenderTheta: Gen:NN.ZexaF.34784.dmGfaKe3Q3o
ALYac: Gen:Trojan.ExplorerHijack.dmGfaKe3Q3o
MAX: malware (ai score=100)
VBA32: Trojan.Agent
Cylance: Unsafe
TrendMicro-HouseCall: BKDR_POISON.SM3
Rising: Backdoor.Poison!8.2D7 (TFE:5:Qd9t4IkqveR)
Yandex: Trojan.GenAsa!ZNXliQe3cmg
Ikarus: Virus.Win32.Agent.BQC
Fortinet: W32/Injector.DAP!tr
AVG: Win32:TrojanX-gen [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.ExplorerHijack.dmGfaKe3Q3o?

Trojan.ExplorerHijack.dmGfaKe3Q3o removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.