Trojan.Generic.11789214 (file analysis)

The Trojan.Generic.11789214 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Generic.11789214 virus can do?

Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Trojan.Generic.11789214?


File Info:
name: FEFB58DC9D96F25EF4F8.mlw
path: /opt/CAPEv2/storage/binaries/82609e372513312e5363fcb87ba57136d5a7524d88b67a215d8b622d98565ff5
crc32: 675C1642
md5: fefb58dc9d96f25ef4f813751b08dfe7
sha1: 34f07945c8cde18d3c16e4dec3c41d7c8952ad32
sha256: 82609e372513312e5363fcb87ba57136d5a7524d88b67a215d8b622d98565ff5
sha512: 5b4d8c42936fd3cf54de8c631efdea2d7fdc3e5d9fe353d4d965cb13411444203606e7c4919b576e604303d66667a6b2ef478f29027948b82b3e5c12549cfb23
ssdeep: 768:vVnsvHN/n3bA2kPeN73cjdKU2dzu599meq:tnsvhn3E2meR3cjdKU2dzuL97q
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T194E2191171845A4EC80E4A342DF5EB3104A6BEA47E3FD67F3E49362826B4B81BC51A1F
sha3_384: 70ce02ebc5f4bfb4401242f847efe7142398fd3f3d87ad1556ba84eb8dd0b9b4ea723a824f07082b3d966740b2d36c07
ep_bytes: 6a00ff15741a4000a310804000680080
timestamp: 2005-08-08 02:29:55

Version Info:
FileDescription: T.o.c.h.k.a. U. Tr.ah-Ta.ra.r.ah!
LegalCopyright: All rights reserved.
FileVersion: 2.0.0.2
ProductVersion: 1.0.0.1
OriginalFilename: qiofyjaudlkhutag
Translation: 0x0409 0x0000

Trojan.Generic.11789214 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Scarsi.4!c
DrWeb	Trojan.Upatre.24
MicroWorld-eScan	Trojan.Generic.11789214
FireEye	Generic.mg.fefb58dc9d96f25e
ALYac	Trojan.Generic.11789214
Malwarebytes	Generic.Malware/Suspicious
VIPRE	Trojan.Generic.11789214
Sangfor	Trojan.Win32.Agent.atgen
K7AntiVirus	Riskware ( 0040eff71 )
Alibaba	TrojanDownloader:Win32/Scarsi.1f1e55d4
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.c9d96f
BitDefenderTheta	Gen:NN.ZexaF.36196.bq0@a0jQ0Wh
VirIT	Trojan.Win32.Generic.BBP
Cyren	W32/Trojan.RQJA-7820
Symantec	Downloader.Upatre!gen7
Elastic	malicious (high confidence)
ESET-NOD32	Win32/TrojanDownloader.Waski.F
Zoner	Trojan.Win32.26243
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win32.Scarsi.wyv
BitDefender	Trojan.Generic.11789214
NANO-Antivirus	Trojan.Win32.Upatre.efhcnx
Tencent	Win32.Trojan.Scarsi.Gajl
F-Secure	Trojan.TR/Crypt.Epack.21237
Zillya	Trojan.Scarsi.Win32.1587
TrendMicro	TROJ_UPATRE.YYPN
McAfee-GW-Edition	BehavesLike.Win32.Generic.nz
Trapmine	malicious.high.ml.score
Sophos	Mal/Dyreza-C
Jiangmin	Trojan/Scarsi.tp
Webroot	W32.Rogue.Gen
Avira	TR/Crypt.Epack.21237
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Scarsi
Xcitium	Malware@#q2lazw5htt1m
Arcabit	Trojan.Generic.DB3E39E
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
ZoneAlarm	Trojan.Win32.Scarsi.wyv
GData	Win32.Trojan.Agent.GGEBVJ
Google	Detected
VBA32	BScope.TrojanSpy.Zbot
TACHYON	Trojan/W32.Scarsi.31744
Cylance	unsafe
Panda	Trj/Chgt.G
TrendMicro-HouseCall	TROJ_UPATRE.YYPN
Rising	Trojan.DL.Win32.Upatre.anz (CLASSIC)
Yandex	Trojan.Upatre!XBxnoxpPiio
Ikarus	Trojan.Win32.Scarsi
Fortinet	W32/Kryptik.CPYT!tr
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Trojan.Generic.11789214?

Trojan.Generic.11789214 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X