Trojan.Generic.30234880 (file analysis)

Malware Removal

Trojan.Generic.30234880 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Generic.30234880 virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Created a process from a suspicious location
  • Attempts to modify proxy settings

How to identify Trojan.Generic.30234880?

File Info:

name: 2EE8314F450CFF8A3550.mlw
path: /opt/CAPEv2/storage/binaries/199ca7bde7f9cac9ca7c2268d6845b74ac5a1b167f3161a56d772fb3debd73ec
crc32: 5593C2AD
md5: 2ee8314f450cff8a355024bfa5d609c0
sha1: b61b97ed86721932d4038d0f0384de0d10f5e291
sha256: 199ca7bde7f9cac9ca7c2268d6845b74ac5a1b167f3161a56d772fb3debd73ec
sha512: 53746815a052d9f89d2beb4cc2b15eae43cc362225ef7d5a9b1a4d7dc3b93e255a897d9008e4c66c6197fff6ce02499c3b317e7d2cec70dff6172acd281a71b2
ssdeep: 192:Ft5KFUnwR2IT1XfSqYiW9Y7KVPhIe6O1SJbNtkA9l2iFUht8xElbnuELeL:FFnwR2IT1XKqC9YATzWLkAzFABlbNy
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T190A2E7386AE91572E3BBCFB685F555C6B974B4223D12D80D40DE43880823F66EDE1B1E
sha3_384: cbf4b24ba3deef1d87664e93504b17ec0b355da78e25fbdf209effe1cd9190d68fafb6edbc1ecc35a5532056645b75bb
ep_bytes: 558bec81ec3c08000053565733f656ff
timestamp: 2013-10-09 18:19:12

Version Info:

0: [No Data]

Trojan.Generic.30234880 also known as:

Lionic: Trojan.Win32.Generic.lY5V
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoad3.28161
MicroWorld-eScan: Trojan.Generic.30234880
FireEye: Generic.mg.2ee8314f450cff8a
CAT-QuickHeal: Trojan.Mauvaise.SL1
ALYac: Trojan.Generic.30234880
Cylance: Unsafe
Zillya: Downloader.Waski.Win32.13050
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 0055f33b1 )
K7GW: Trojan-Downloader ( 004b972f1 )
Cybereason: malicious.f450cf
Arcabit: Trojan.Generic.D1CD5900
BitDefenderTheta: Gen:NN.ZexaF.34084.bqY@aSzRtMd
Cyren: W32/Upatre.KG.gen!Eldorado
Symantec: Downloader.Upatre!gm
ESET-NOD32: a variant of Win32/TrojanDownloader.Waski.A
TrendMicro-HouseCall: TROJ_UPATRE.SM37
Paloalto: generic.ml
ClamAV: Win.Downloader.Upatre-7598844-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Generic.30234880
NANO-Antivirus: Trojan.Win32.DownLoad3.cnbuup
Avast: Win32:Downloader-WID [Trj]
Rising: Downloader.Agent!1.C06E (CLASSIC)
Ad-Aware: Trojan.Generic.30234880
Emsisoft: Trojan.Generic.30234880 (B)
Comodo: TrojWare.Win32.TrojanDownloader.Small.CDC@8mzsfr
F-Secure: Trojan.TR/Dropper.Gen
Baidu: Win32.Trojan-Downloader.Waski.k
VIPRE: Trojan-Downloader.Win32.Upatre.a (v)
TrendMicro: TROJ_UPATRE.SM37
McAfee-GW-Edition: BehavesLike.Win32.Downloader.mz
Sophos: ML/PE-A + Mal/EncPk-ACO
Ikarus: Trojan-Downloader.Win32.Upatre
Jiangmin: Trojan/Generic.azrzv
Avira: TR/Dropper.Gen
MAX: malware (ai score=82)
Antiy-AVL: Trojan[Downloader]/Win32.Upatre
Gridinsoft: Ransom.Win32.Gen.sa
Microsoft: Trojan:Win32/Upatre.AMN!MTB
ViRobot: Trojan.Win32.Z.Upatre.23170.D
GData: Win32.Trojan-Downloader.Upatre.BJ
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Dloader.R87521
Acronis: suspicious
McAfee: Downloader-FBVZ!2EE8314F450C
VBA32: Trojan.Downloader
Malwarebytes: Trojan.Downloader
APEX: Malicious
Tencent: Malware.Win32.Gencirc.10b0cbcc
Yandex: Trojan.GenAsa!xjw/xZS1BKE
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_96%
Fortinet: W32/Waski.A!tr
AVG: Win32:Downloader-WID [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Generic.30234880?

Trojan.Generic.30234880 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
