Trojan.Generic.23255682 removal

Many security experts consider Trojan.Generic.23255682 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.23255682 virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics

How to identify Trojan.Generic.23255682?


File Info:

name: 0ED8238FB3A145C8DA3F.mlw
path: /opt/CAPEv2/storage/binaries/2a39bd37a38235f84915d22e659c77423952e766439f3080d55059283985dfaf
crc32: 7284CC3F
md5: 0ed8238fb3a145c8da3f92db8b22e76b
sha1: 7e79645f6f179f8112974099697376112949f22a
sha256: 2a39bd37a38235f84915d22e659c77423952e766439f3080d55059283985dfaf
sha512: 6378190100be3f985d829ed948981fdb921e8ae9b67b7fe5f001d59f83bedaf485e76b954200bc844016ccc27f737ff69a6a702dbc08042997d567208dc4f3fb
ssdeep: 12288:at0+B1QGZHqbhFz/afDkjdT3S9VZBa7Hk+P6:RKQH/afwdTqZs7Hk+P6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10BB4171F97544332D16009375CDB8370AC2E6D603AE77CFA2D992E0F8BB9682B53D691
sha3_384: aeb241f64462ebbee5e71f7d9eaba166633ee7fe2518efbfd8b078c43d0c8518990e9f59f37d4d249af82ebe23124c28
ep_bytes: 558bec83c4f0b8a4ce4400e8cc98fbff
timestamp: 2017-06-26 04:30:42

Version Info:

CompanyName: TweakBit
FileDescription: PCRepairKit Setup
FileVersion: 1.8.2.1
InternalName: pc-repair-kit
LegalCopyright: Copyright © 2008-2017 Auslogics Labs Pty Ltd
LegalTrademarks: Copyright © 2008-2017 Auslogics Labs Pty Ltd
OriginalFilename: pcrepairkit_stub_installer.exe
ProductName: PCRepairKit
ProductVersion: 1.x
Comments: Part of TweakBit PC Repair Kit
Translation: 0x0409 0x04e4

Trojan.Generic.23255682 also known as:

Bkav: W32.Common.6E64745C
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.Generic.23255682
FireEye: Generic.mg.0ed8238fb3a145c8
ALYac: Trojan.Generic.23255682
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005329171 )
K7GW: Trojan ( 005329171 )
Cybereason: malicious.f6f179
Cyren: W32/Auslogics.D.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Auslogics.A potentially unwanted
APEX: Malicious
Kaspersky: not-a-virus:Downloader.Win32.Agent.kexu
BitDefender: Trojan.Generic.23255682
Avast: Win32:PUP-gen [PUP]
Tencent: Malware.Win32.Gencirc.13bcf3b7
Sophos: Tweak Bit FixMyPC (PUA)
F-Secure: PotentialRisk.PUA/TweakBit.Gen7
DrWeb: Program.Unwanted.2042
VIPRE: Trojan.Generic.23255682
McAfee-GW-Edition: GenericRXSF-OQ!0ED8238FB3A1
Emsisoft: Trojan.Generic.23255682 (B)
SentinelOne: Static AI – Suspicious PE
GData: Win32.Application.Auslogics.C
Jiangmin: Downloader.Agent.exc
Google: Detected
Avira: PUA/TweakBit.Gen7
MAX: malware (ai score=85)
Antiy-AVL: GrayWare/Win32.Auslogics.a
Xcitium: Application.Win32.Auslogics.AB@80idad
Arcabit: Trojan.Generic.D162DA82
ZoneAlarm: not-a-virus:Downloader.Win32.Agent.kexu
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win32.Helper.R279943
McAfee: GenericRXSF-OQ!0ED8238FB3A1
VBA32: BScope.Downloader.Agent
Cylance: unsafe
Panda: Trj/CI.A
Rising: PUF.Auslogics!1.AC47 (CLASSIC)
Yandex: Trojan.GenAsa!U7sRbsYysjs
Fortinet: W32/Auslogics.A
AVG: Win32:PUP-gen [PUP]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_100% (W)

How to remove Trojan.Generic.23255682?

Trojan.Generic.23255682 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
