Trojan.Generic.30186888 (file analysis)

Trojan.Generic.30186888 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Generic.30186888 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • Drops a binary and executes it
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Network activity contains more than one unique useragent.
  • Installs itself for autorun at Windows startup
  • Writes a potential ransom message to disk
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

api.2ip.ua
securebiz.org
astdg.top
mas.to

How to identify Trojan.Generic.30186888?

File Info:

crc32: B4CEEA0F
md5: ec6707a7b36ba6ac3b2a0c8361fbf84d
name: EC6707A7B36BA6AC3B2A0C8361FBF84D.mlw
sha1: f2f906efa140e49f2c13885bfdb27ddcb844f3dd
sha256: f040a5e3d2c865772e4f8b1fda5ff3437fb0a35924fd260fc76732398e262dde
sha512: 793d1e0c1e792b039822d4b8dd5d76532780c3ef5b8c3d375a20667d1ae70bcdb617da0de051c672f111cad8b64164ae7ae9560aef48a6f874598b3084bce386
ssdeep: 12288:HAtpfKSsvh2NDgRwDzawGsK3tqVa6PSYJ67G2Kc5EcFl:HAtuvh29gyWwgDwSy2bl
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

InternalName: sagzmioloke.awi
ProductVersion: 7.59.22.123
Copyright: Copyrighz (C) 2021, fudkageta
Translation: 0x0183 0x022e

Trojan.Generic.30186888 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005690681 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen14.64135
Cynet: Malicious (score: 100)
ALYac: Trojan.Ransom.Stop
Cylance: Unsafe
Zillya: Trojan.Stop.Win32.2202
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Azorult.de2f2f0a
K7GW: Trojan ( 005690681 )
Cyren: W32/Kryptik.EWJ.gen!Eldorado
ESET-NOD32: a variant of Win32/Kryptik.HMFI
APEX: Malicious
Avast: Win32:DropperX-gen [Drp]
ClamAV: Win.Packed.Fragtor-9888193-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Stop.gen
BitDefender: Trojan.Generic.30186888
MicroWorld-eScan: Trojan.Generic.30186888
Tencent: Malware.Win32.Gencirc.11ce3606
Ad-Aware: Trojan.Generic.30186888
Comodo: Malware@#7brrntzko08k
BitDefenderTheta: Gen:NN.ZexaF.34170.Uq1@aWRBo7bG
TrendMicro: Ransom.Win32.STOP.SMYPBH5.hp
FireEye: Generic.mg.ec6707a7b36ba6ac
Emsisoft: Trojan.Crypt (A)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Stop.awp
Webroot: W32.Trojan.Gen
Avira: EXP/YAV.Minerva.ascyj
Antiy-AVL: Trojan/Generic.ASMalwS.3490E49
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Azorult.RT!MTB
Gridinsoft: Ransom.Win32.STOP.ko!se53323
ZoneAlarm: HEUR:Trojan.Win32.Kryptik.gen.
GData: Win32.Trojan.BSE.169R9YY
AhnLab-V3: CoinMiner/Win.Glupteba.R438695
McAfee: Packed-GDT!EC6707A7B36B
MAX: malware (ai score=89)
VBA32: BScope.Backdoor.Androm
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/GdSda.A
Rising: Trojan.Kryptik!1.D91D (CLASSIC)
Yandex: Trojan.Kryptik!7WuFHsHv4Xw
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.FKHU!tr
AVG: Win32:DropperX-gen [Drp]
Paloalto: generic.ml

How to remove Trojan.Generic.30186888?

Trojan.Generic.30186888 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.