Trojan.Generic.30186888 (file analysis)

The Trojan.Generic.30186888 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Generic.30186888 virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
A process attempted to delay the analysis task.
A process created a hidden window
Drops a binary and executes it
Performs some HTTP requests
The binary likely contains encrypted or compressed data.
Executed a process and injected code into it, probably while unpacking
Network activity contains more than one unique useragent.
Installs itself for autorun at Windows startup
Writes a potential ransom message to disk
Creates a copy of itself
Anomalous binary characteristics
Uses suspicious command line tools or Windows utilities

Related domains:

api.2ip.ua

securebiz.org

astdg.top

mas.to

How to determine Trojan.Generic.30186888?


File Info:
crc32: B4CEEA0F
md5: ec6707a7b36ba6ac3b2a0c8361fbf84d
name: EC6707A7B36BA6AC3B2A0C8361FBF84D.mlw
sha1: f2f906efa140e49f2c13885bfdb27ddcb844f3dd
sha256: f040a5e3d2c865772e4f8b1fda5ff3437fb0a35924fd260fc76732398e262dde
sha512: 793d1e0c1e792b039822d4b8dd5d76532780c3ef5b8c3d375a20667d1ae70bcdb617da0de051c672f111cad8b64164ae7ae9560aef48a6f874598b3084bce386
ssdeep: 12288:HAtpfKSsvh2NDgRwDzawGsK3tqVa6PSYJ67G2Kc5EcFl:HAtuvh29gyWwgDwSy2bl
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
InternalName: sagzmioloke.awi
ProductVersion: 7.59.22.123
Copyright: Copyrighz (C) 2021, fudkageta
Translation: 0x0183 0x022e

Trojan.Generic.30186888 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 005690681 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen14.64135
Cynet	Malicious (score: 100)
ALYac	Trojan.Ransom.Stop
Cylance	Unsafe
Zillya	Trojan.Stop.Win32.2202
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:Win32/Azorult.de2f2f0a
K7GW	Trojan ( 005690681 )
Cyren	W32/Kryptik.EWJ.gen!Eldorado
ESET-NOD32	a variant of Win32/Kryptik.HMFI
APEX	Malicious
Avast	Win32:DropperX-gen [Drp]
ClamAV	Win.Packed.Fragtor-9888193-0
Kaspersky	HEUR:Trojan-Ransom.Win32.Stop.gen
BitDefender	Trojan.Generic.30186888
MicroWorld-eScan	Trojan.Generic.30186888
Tencent	Malware.Win32.Gencirc.11ce3606
Ad-Aware	Trojan.Generic.30186888
Comodo	Malware@#7brrntzko08k
BitDefenderTheta	Gen:NN.ZexaF.34170.Uq1@aWRBo7bG
TrendMicro	Ransom.Win32.STOP.SMYPBH5.hp
FireEye	Generic.mg.ec6707a7b36ba6ac
Emsisoft	Trojan.Crypt (A)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Stop.awp
Webroot	W32.Trojan.Gen
Avira	EXP/YAV.Minerva.ascyj
Antiy-AVL	Trojan/Generic.ASMalwS.3490E49
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Azorult.RT!MTB
Gridinsoft	Ransom.Win32.STOP.ko!se53323
ZoneAlarm	HEUR:Trojan.Win32.Kryptik.gen.
GData	Win32.Trojan.BSE.169R9YY
AhnLab-V3	CoinMiner/Win.Glupteba.R438695
McAfee	Packed-GDT!EC6707A7B36B
MAX	malware (ai score=89)
VBA32	BScope.Backdoor.Androm
Malwarebytes	Trojan.MalPack.GS
Panda	Trj/GdSda.A
Rising	Trojan.Kryptik!1.D91D (CLASSIC)
Yandex	Trojan.Kryptik!7WuFHsHv4Xw
Ikarus	Trojan.Crypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/GenKryptik.FKHU!tr
AVG	Win32:DropperX-gen [Drp]
Paloalto	generic.ml

How to remove Trojan.Generic.30186888?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Trojan.Generic.30186888 (file analysis)