What is “Trojan.Generic.21641274”?

The Trojan.Generic.21641274 detection is classified as dangerous by many security vendors. While the infection is active, you may notice unfamiliar processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Generic.21641274 virus do?

  • Behavioural detection: executable code extraction (unpacking)
  • Sample contains overlay data
  • HTTPS URLs observed in behaviour
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Turkish
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Behavioural detection: injection (inter-process)
  • Detects Bochs through the presence of a registry key
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Attempts to create or modify system certificates
  • Collects information to fingerprint the system
  • YARA rule detections observed from a process memory dump, dropped files or CAPE

How to identify Trojan.Generic.21641274?

File Info:

name: 5C46D2AB70D5EFDDE93E.mlw
path: /opt/CAPEv2/storage/binaries/8b136938caecab3ffb0976b46cf1db22a4c4e94b51ed5420fd4d7201842340bb
crc32: 8DA5BFAA
md5: 5c46d2ab70d5efdde93ee5f47dae3124
sha1: 9c9d4149e7406923122095a0fda34c252fa24af6
sha256: 8b136938caecab3ffb0976b46cf1db22a4c4e94b51ed5420fd4d7201842340bb
sha512: 28437a32b3fb95440851c66fe0439873e0484e994b28dc8b522dc8113867e81b01aa6b24bb120741bd4fbd8ebb6e37432cdf5f8fe2371a789361b5f4c33b6657
ssdeep: 196608:yo5fRX4jwNS8IKihH07NDVy8o6VOEUys1Oy8VIxipX:yo5fpKKHsANEHOUys1O6UpX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T180A633E5AA80F86FC1AE51B97821B040864A3FE18A0C4783BC5577B638F1627EDFC55D
sha3_384: 4cc6516cb7d6466119589ad2ca92470fb63217e38d9af55774076482679078e76474cac047b359f302ac7852c78a4c76
ep_bytes: 60be003048008dbe00e0f7ff57eb0b90
timestamp: 2012-01-29 21:32:28

Version Info:

FileVersion: 7.26.0.0
FileDescription: Created By PREDATOR
LegalCopyright: Created By PREDATOR
Productname: Predator © 2013
ProductVersion: 2.0.1.3
Translation: 0x041f 0x04b0

Trojan.Generic.21641274 is also known by the following vendor detection names:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Agent.lwaI
Elastic: malicious (moderate confidence)
DrWeb: Program.Unwanted.3275
MicroWorld-eScan: Trojan.Generic.21641274
FireEye: Trojan.Generic.21641274
McAfee: Artemis!5C46D2AB70D5
Malwarebytes: Malware.Heuristic.1003
Zillya: Trojan.AutoIT.Win32.177190
Sangfor: Trojan.Win32.Packed.Vs86
Alibaba: Packed:Win32/Generic.3ca214f8
CrowdStrike: win/malicious_confidence_90% (W)
tehtris: Generic.Malware
ESET-NOD32: Win32/Packed.Autoit.H suspicious
APEX: Malicious
BitDefender: Trojan.Generic.21641274
Avast: Win32:Malware-gen
Sophos: Generic Reputation PUA (PUA)
VIPRE: Trojan.Generic.21641274
McAfee-GW-Edition: BehavesLike.Win32.Injector.tc
Trapmine: malicious.moderate.ml.score
Emsisoft: Trojan.Generic.21641274 (B)
GData: Trojan.Generic.21641274
Antiy-AVL: GrayWare/Autoit.Execute.a
Xcitium: Malware@#1plore1wrhngw
Arcabit: Trojan.Generic.D14A383A
Microsoft: Program:Win32/Wacapew.C!ml
VBA32: Trojan.Autoit.F
ALYac: Trojan.Generic.21641274
MAX: malware (ai score=83)
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H09EE23
Rising: PUA.InnovativeSolutions!8.F2D6 (CLOUD)
MaxSecure: Trojan.Autoit.AZA
AVG: Win32:Malware-gen
Cybereason: malicious.b70d5e
DeepInstinct: MALICIOUS

How to remove Trojan.Generic.21641274?

Trojan.Generic.21641274 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.