Categories: Trojan

What is “Trojan.Generic.22913703”?

The Trojan.Generic.22913703 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Generic.22913703 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Uses Windows utilities for basic functionality
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)
  • A potential decoy document was displayed to the user
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • CAPE detected the njRat malware family

How to determine Trojan.Generic.22913703?



File Info:

name: 17104A169A9ABE6F7B50.mlwpath: /opt/CAPEv2/storage/binaries/c938e7af02580c36b0f94d2ead4e80ab7313742bc9b4186894a11206e1c59f2bcrc32: 9E53F31Emd5: 17104a169a9abe6f7b50f0ad2ac526e9sha1: 0e96786a4bf3611306fc2ec406402ba87c840a60sha256: c938e7af02580c36b0f94d2ead4e80ab7313742bc9b4186894a11206e1c59f2bsha512: 1eb17e0dd67609446c68e154cc015afe53d52e06ced80c25ebaad7f158d5cb8c700a644f39b4d984d632e6ea1b767a481f263161eeeb2cd0fdeb006b657277dfssdeep: 768:k+nDi2u75oa4fu124AqFjXeJBKh0p29SgReynz4MRhhhRKK+ZmNL8Y2DZ:675CPkj8KhG29jeyzd0bYtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1B4A31902B6B5C91AC4AC2BB28454A95F6BF462034023DE2B7EC458EDFF732B71915F61sha3_384: d408950603bc4672d92a70b011982a6eabc6c5c07638364c010951641353125be523018c7a813daa365f394cb3c57a8eep_bytes: ff250020400000000000000000000000timestamp: 2018-04-11 15:08:28

Version Info:

Translation: 0x0000 0x04b0FileDescription:  FileVersion: 0.0.0.0InternalName: libya.CTLegalCopyright:  OriginalFilename: libya.CTProductVersion: 0.0.0.0Assembly Version: 0.0.0.0

Trojan.Generic.22913703 also known as:

Elastic malicious (high confidence)
MicroWorld-eScan Trojan.Generic.22913703
FireEye Generic.mg.17104a169a9abe6f
ALYac Trojan.Generic.22913703
Malwarebytes Malware.AI.4020198125
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 0051c2441 )
K7GW Trojan ( 0051c2441 )
Cybereason malicious.69a9ab
BitDefenderTheta Gen:NN.ZemsilF.34084.gm0@aqOSutb
Cyren W32/MSIL_Bladabindi.AS.gen!Eldorado
Symantec Backdoor.Ratenjay
ESET-NOD32 a variant of MSIL/TrojanDropper.Binder.CA
Baidu MSIL.Trojan-Dropper.Binder.a
TrendMicro-HouseCall TROJ_BINDER.SMA
ClamAV Win.Packed.Bladabindi-7086597-0
Kaspersky Backdoor.MSIL.Agent.qef
BitDefender Trojan.Generic.22913703
NANO-Antivirus Trojan.Win32.Agent.dzsrep
Avast MSIL:Agent-BXF [Trj]
Ad-Aware Trojan.Generic.22913703
Emsisoft Trojan.Generic.22913703 (B)
Comodo TrojWare.MSIL.Spy.Agent.EF@4r4nna
DrWeb Trojan.DownLoader29.12505
VIPRE Backdoor.MSIL.Bladabindi.a (v)
TrendMicro TROJ_BINDER.SMA
McAfee-GW-Edition BehavesLike.Win32.Generic.cz
SentinelOne Static AI – Malicious PE
Sophos ML/PE-A + Troj/dnsauce-B
APEX Malicious
GData Trojan.Generic.22913703
Avira TR/ATRAPS.Gen
Microsoft Backdoor:MSIL/Bladabindi.AJ
Cynet Malicious (score: 100)
McAfee Trojan-FJWT!17104A169A9A
MAX malware (ai score=84)
VBA32 Trojan.MSIL.Disfa
Cylance Unsafe
Rising Backdoor.Njrat!1.9E49 (CLASSIC)
Ikarus Trojan-Dropper.MSIL
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Dropper_Binder.BS!tr
AVG MSIL:Agent-BXF [Trj]
CrowdStrike win/malicious_confidence_90% (D)

How to remove Trojan.Generic.22913703?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: libya.CTTrojan.Generic.22913703
2 years ago

Recent Posts

What is “MSIL/TrojanDropper.Agent.BVT”?

The MSIL/TrojanDropper.Agent.BVT is considered dangerous by lots of security experts. When this infection is active,…

1 day ago

Should I remove “Generic.Dacic.94CCEEA9.A.A4A6DA47”?

The Generic.Dacic.94CCEEA9.A.A4A6DA47 is considered dangerous by lots of security experts. When this infection is active,…

1 day ago

Malware.AI.524217860 removal tips

The Malware.AI.524217860 is considered dangerous by lots of security experts. When this infection is active,…

1 day ago

Trojan:Win32/Koutodoor.F removal tips

The Trojan:Win32/Koutodoor.F is considered dangerous by lots of security experts. When this infection is active,…

1 day ago

How to remove “Malware.AI.1412460714”?

The Malware.AI.1412460714 is considered dangerous by lots of security experts. When this infection is active,…

1 day ago

Generic.Dacic.8952383F.A.5EC8C34B removal instruction

The Generic.Dacic.8952383F.A.5EC8C34B is considered dangerous by lots of security experts. When this infection is active,…

1 day ago