
About “Trojan.Generic.11940377” infection

Malware Removal

Trojan.Generic.11940377 is a generic detection name that several of the engines listed below assign to this sample, and it is rated as dangerous. When the infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
A 6-day free trial is available.

What can Trojan.Generic.11940377 do? (behaviour signatures reported by the CAPE sandbox)

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Bulgarian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan.Generic.11940377?


File Info:

name: 92974607C8CC79E14CA7.mlw
path: /opt/CAPEv2/storage/binaries/529284057a575b28fec0c72116435efe7f7360e7b05b87f624b0687fda42f292
crc32: 45ECC4FC
md5: 92974607c8cc79e14ca7710fe22181b7
sha1: bf9b04b898f740ec73688f08a5b39e4df1e54afa
sha256: 529284057a575b28fec0c72116435efe7f7360e7b05b87f624b0687fda42f292
sha512: 1403bc8418caaa093040087735654223eb2c250c24d58114b74fbf7af125e9657aff9d8dfc81876823eed9709b7cbe54208b9dc6309d9253159517d866090418
ssdeep: 6144:wtAEm2JW26DA1QaRPy2bTixeSHRj2LiYWhGemyfZWEWu:wpnz6DyQaRPy8iMSxwR4Wk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FF541277771707D6E8AF843E44A533A921EE707EAB81174705DAEB4A36814E00FA0ED7
sha3_384: 16c83a5573c27281c3ba9af9904350d65862830c79c528adb5671565b90f5a910755439182724eb8a1df33f47a1a4151
ep_bytes: 558bec81ec100100008b1564da420089
timestamp: 2011-08-31 10:49:24
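To reproduce the fields above on a suspect file, here is an added Python example (it is not code from the original page or from CAPE): it computes the listed digests with the standard hashlib/zlib modules, checks them against the IOCs copied from the File Info block, and reads the PE TimeDateStamp and the first 16 entry-point bytes the way the timestamp and ep_bytes fields are derived. Because the real sample is not available offline, the build_minimal_pe helper constructs a tiny PE32 fixture (an assumption, not the sample) so the script runs stand-alone; the fixture reuses the page's ep_bytes and build time so the output can be compared with the listing.

```python
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# IOCs copied from the File Info block above (lower-cased for comparison).
KNOWN_IOCS = {
    "md5": "92974607c8cc79e14ca7710fe22181b7",
    "sha1": "bf9b04b898f740ec73688f08a5b39e4df1e54afa",
    "sha256": "529284057a575b28fec0c72116435efe7f7360e7b05b87f624b0687fda42f292",
    "crc32": "45ecc4fc",
}


def file_digests(data: bytes) -> dict:
    """Compute the digests listed under File Info (ssdeep/tlsh need extra libraries)."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08x}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def matches_known_sample(data: bytes, iocs: dict = KNOWN_IOCS) -> bool:
    """True only if every listed digest matches; one mismatch means a different file."""
    digests = file_digests(data)
    return all(digests[name] == value.lower() for name, value in iocs.items())


def timestamp_to_iso(ts: int) -> str:
    """Render a PE TimeDateStamp (seconds since 1970, UTC) in the page's format."""
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")


def pe_header_fields(data: bytes) -> dict:
    """Read machine, TimeDateStamp, entry RVA and the first 16 entry-point bytes of a PE32."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 optional header (PE32+ has a different layout)")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    sections = opt + opt_size
    ep_bytes = b""
    for i in range(nsections):  # map the entry RVA to a raw file offset via the section table
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sections + 40 * i + 8)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)
            ep_bytes = data[off:off + 16]
            break
    return {"machine": machine, "timestamp": timestamp,
            "entry_rva": entry_rva, "ep_bytes": ep_bytes.hex()}


def build_minimal_pe(ep_code: bytes, timestamp: int) -> bytes:
    """Constructed PE32 fixture with one .text section; a test input, not a runnable program."""
    e_lfanew, opt_size, raw_ptr, entry_rva = 0x40, 0xE0, 0x200, 0x1000
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, opt_size, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 14, 0, 0x200, 0, 0, entry_rva).ljust(opt_size, b"\0")
    sect = b".text".ljust(8, b"\0") + struct.pack("<IIII", 0x200, entry_rva, 0x200, raw_ptr)
    headers = (dos + b"PE\0\0" + coff + opt + sect.ljust(40, b"\0")).ljust(raw_ptr, b"\0")
    return headers + ep_code.ljust(0x200, b"\xCC")


if __name__ == "__main__":
    # Fixture reusing the page's ep_bytes and build time so the output can be compared.
    fixture = build_minimal_pe(bytes.fromhex("558bec81ec100100008b1564da420089"), 1314787764)
    fields = pe_header_fields(fixture)
    print("ep_bytes:", fields["ep_bytes"], "timestamp:", timestamp_to_iso(fields["timestamp"]))
    print("matches listed IOCs:", matches_known_sample(fixture))
```

On a real file, read it in binary mode and pass the bytes to matches_known_sample and pe_header_fields; a hash match confirms the exact sample, while a different hash with the same ep_bytes and timestamp suggests a repacked variant worth a closer look.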

Version Info (the resource strings imitate Microsoft's own, for example “Marsukafa Corporatien” for “Microsoft Corporation”, and the Authenticode signature is invalid, so none of them carries any trust):

CompanyName: Marsukafa Corporatien
LegalCopyright: © Marsukafa Corporatien. All rights reserved.
FileDescription: Marsukafa Visatl Studie 2010
ProductName: Marsukafa® Visatl Studio® 2010
FileVersion: 15.20.2012.55435
ProductVersion: 15.20.2012.55435
InternalName: dimrinka.exe
OriginalFilename: dimrinka.exe
Translation: 0x0409 0x04b0
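The misspelt vendor strings above are a useful triage signal on their own. The following added Python example (not from the original page) flags version-info strings that are close to, but not identical with, a genuine vendor string, using plain Levenshtein edit distance; the sample's strings are copied from the listing, while the allow-list of genuine strings and the similarity thresholds are assumptions to adapt to your environment.

```python
# Version-info strings copied from the sample's resource block above.
SAMPLE_VERSION_INFO = {
    "CompanyName": "Marsukafa Corporatien",
    "FileDescription": "Marsukafa Visatl Studie 2010",
    "ProductName": "Marsukafa® Visatl Studio® 2010",
    "InternalName": "dimrinka.exe",
}

# Assumed allow-list of genuine strings to compare against; extend it for your own environment.
LEGIT_STRINGS = [
    "Microsoft Corporation",
    "Microsoft Visual Studio 2010",
    "Microsoft® Visual Studio® 2010",
]


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute) via the classic two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def similarity(a: str, b: str) -> float:
    """1.0 for identical strings (case-insensitive), 0.0 for completely different ones."""
    a, b = a.casefold(), b.casefold()
    return 1.0 - levenshtein(a, b) / max(len(a), len(b), 1)


def lookalike_findings(version_info: dict, legit=LEGIT_STRINGS, low=0.55, high=0.999) -> list:
    """Return (field, value, closest genuine string, score) for strings that are close to,
    but not identical with, a genuine vendor string. The thresholds are assumptions."""
    findings = []
    for field, value in version_info.items():
        closest = max(legit, key=lambda s: similarity(value, s))
        score = similarity(value, closest)
        if low <= score < high:  # near miss: typosquat candidate; exact matches pass
            findings.append((field, value, closest, round(score, 2)))
    return findings


if __name__ == "__main__":
    for field, value, closest, score in lookalike_findings(SAMPLE_VERSION_INFO):
        print(f"{field}: {value!r} imitates {closest!r} (similarity {score})")
```

A near miss alone is not proof of malice (localised or rebranded products exist), but a near miss on CompanyName combined with an invalid or missing Authenticode signature, as reported for this sample, is a strong reason to treat the file as untrusted.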

Trojan.Generic.11940377 is also detected under the following names (vendor: detection name). Note that many engines classify the sample as a Zbot (Zeus) variant, i.e. a password-stealing trojan, which is more informative than the generic name:

Bkav: W32.AIDetect.malware2
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.Generic.11940377
CAT-QuickHeal: FraudTool.Security
ALYac: Trojan.Generic.11940377
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.167825
K7AntiVirus: Spyware ( 00420ee01 )
K7GW: Spyware ( 00420ee01 )
Cybereason: malicious.7c8cc7
Baidu: Win32.Trojan.Kryptik.je
VirIT: Trojan.Win32.Siggen6.WKA
Cyren: W32/Trojan.KPHE-1526
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Spy.Zbot.ABA
APEX: Malicious
ClamAV: Win.Trojan.Zbot-61201
Kaspersky: Trojan-Spy.Win32.Zbot.ujlw
BitDefender: Trojan.Generic.11940377
NANO-Antivirus: Trojan.Win32.MlwGen.dgreky
SUPERAntiSpyware: Trojan.Agent/Gen-Zbot
Avast: Win32:Agent-AUYE [Trj]
Tencent: Malware.Win32.Gencirc.10c7a80e
Ad-Aware: Trojan.Generic.11940377
Emsisoft: Trojan.Generic.11940377 (B)
Comodo: TrojWare.Win32.Kryptik.CNNY@5ggyvf
DrWeb: Trojan.Siggen6.15132
VIPRE: Trojan.Generic.11940377
TrendMicro: TSPY_ZBOT.SMX1
McAfee-GW-Edition: Trojan-FFFI!92974607C8CC
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.92974607c8cc79e1
Sophos: ML/PE-A
SentinelOne: Static AI - Malicious PE
GData: Trojan.Generic.11940377
Jiangmin: TrojanSpy.Zbot.egjv
Avira: TR/Crypt.ZPACK.miod.1
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Generic.ASMalwS.31
Arcabit: Trojan.Generic.DB63219
Microsoft: PWS:Win32/Zbot
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.ZBot.R121749
Acronis: suspicious
McAfee: Trojan-FFFI!92974607C8CC
VBA32: TrojanSpy.Zbot
Malwarebytes: Backdoor.Agent.RND
TrendMicro-HouseCall: TSPY_ZBOT.SMX1
Rising: Trojan.Generic@AI.90 (RDML:Sefs0smsTrO/dJ7MEXnuwQ)
Yandex: TrojanSpy.Zbot!mKryDqOp+zw
Ikarus: Trojan.Win32.Yakes
Fortinet: W32/Kryptik.CJJL!tr
BitDefenderTheta: Gen:NN.ZexaF.34806.ru1@aaII2pAO
AVG: Win32:Agent-AUYE [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Generic.11940377?

Trojan.Generic.11940377 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the options to reset, then click “Reset”.
  • Restart your computer.

Because most engines classify this sample as a Zbot (Zeus) variant, a password-stealing trojan, any passwords used on the machine while it was infected should be changed afterwards, preferably from a clean device.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
