Trojan.Generic.30015038 removal guide

Trojan.Generic.30015038 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Generic.30015038 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Injection with CreateRemoteThread in a remote process
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to remove evidence of file being downloaded from the Internet
  • Exhibits behavior characteristic of Nanocore RAT
  • Creates a hidden or system file
  • Creates a copy of itself
  • Collects information to fingerprint the system

Related domains:

godnogoshameus.ddns.net

How to identify Trojan.Generic.30015038?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2009
Assembly Version: 1.0.0.7
InternalName: FrameSecurityDescript.exe
FileVersion: 1.0.0.7
CompanyName: National Shirt Shop
LegalTrademarks:
Comments:
ProductName: GameAttempt
ProductVersion: 1.0.0.7
FileDescription: GameAttempt
OriginalFilename: FrameSecurityDescript.exe

Trojan.Generic.30015038 is also known as:

K7AntiVirus: Riskware ( 0040eff71 )
Lionic: Trojan.MSIL.Taskun.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader41.15659
Cynet: Malicious (score: 100)
ALYac: Spyware.AgentTesla
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Riskware ( 0040eff71 )
Cyren: W32/MSIL_Troj.BJP.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: MSIL/NanoCore.E
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
ClamAV: Win.Malware.Agent-9887132-0
Kaspersky: HEUR:Trojan.MSIL.Taskun.gen
BitDefender: Trojan.Generic.30015038
MicroWorld-eScan: Trojan.Generic.30015038
Tencent: Win32.Trojan.Inject.Auto
Ad-Aware: Trojan.Generic.30015038
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZemsilF.34104.@m0@aKfJOWn
TrendMicro: TROJ_GEN.R03BC0DHL21
McAfee-GW-Edition: AgentTesla-FCTJ!53484CF0998A
FireEye: Generic.mg.53484cf0998a53b7
Emsisoft: Trojan.Crypt (A)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Trojan.Gen
Avira: TR/AD.Nanocore.cpsno
Microsoft: Trojan:MSIL/AgentTesla.SM!MTB
ZoneAlarm: HEUR:Trojan.MSIL.Taskun.gen
GData: Trojan.Generic.30015038
McAfee: AgentTesla-FCTJ!53484CF0998A
MAX: malware (ai score=99)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Trojan.MalPack.PNG.Generic
Panda: Trj/RnkBend.A
TrendMicro-HouseCall: TROJ_GEN.R03BC0DHL21
Yandex: Trojan.Igent.bWqBbG.29
Ikarus: Trojan.MSIL.Inject
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Kryptik.ABDO!tr
AVG: Win32:PWSX-gen [Trj]
Paloalto: generic.ml

How to remove Trojan.Generic.30015038?

Trojan.Generic.30015038 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.