Should I remove “Trojan.Generic.30326123”?

Trojan.Generic.30326123 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.30326123 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process created a hidden window
  • Unconventional language used in binary resources: Hungarian
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

Related domains:


How to identify Trojan.Generic.30326123?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

InternalName: sajbmianozu.iya
ProductVersion: 8.4.59.52
Copyright: Copyrighz (C) 2021, fudkagat
Translation: 0x0127 0x007a

Trojan.Generic.30326123 also known as:

K7AntiVirus: Trojan ( 0058865f1 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Trojan.Generic.30326123
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 0058865f1 )
Cybereason: malicious.d8d704
Cyren: W32/Kryptik.EWJ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HMSF
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
ClamAV: Win.Trojan.Generic-9901207-0
Kaspersky: HEUR:Trojan.Win32.Strab.gen
BitDefender: Trojan.Generic.30326123
MicroWorld-eScan: Trojan.Generic.30326123
Ad-Aware: Trojan.Generic.30326123
Sophos: ML/PE-A + Troj/Krypt-CY
BitDefenderTheta: Gen:NN.ZexaF.34266.0q0@aGzV9WaO
McAfee-GW-Edition: BehavesLike.Win32.Lockbit.cc
FireEye: Generic.mg.b2ba73b933129d54
Emsisoft: Trojan.Crypt (A)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Strab.i
Microsoft: Ransom:Win32/StopCrypt.MOK!MTB
GData: Trojan.Generic.30326123
AhnLab-V3: Infostealer/Win.SmokeLoader.R443617
Acronis: suspicious
McAfee: Packed-GDT!B2BA73B93312
MAX: malware (ai score=81)
VBA32: Trojan.Zenpak
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/Genetic.gen
Rising: Trojan.Kryptik!1.D9EB (CLASSIC)
Ikarus: Trojan-Banker.UrSnif
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.GDT!tr
AVG: Win32:PWSX-gen [Trj]

How to remove Trojan.Generic.30326123?

Trojan.Generic.30326123 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
