Trojan.Generic.31184090 (B) removal

Many security experts consider Trojan.Generic.31184090 (B) dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.31184090 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Tries to unhook or modify Windows functions monitored by Cuckoo

How to identify Trojan.Generic.31184090 (B)?

File Info:

name: F18843EBF575FA617969.mlw
path: /opt/CAPEv2/storage/binaries/97d1f072fa207ed029879b5ab51d7316ef3f000650702480f7e28ec0e1cd0a46
crc32: 6E20246D
md5: f18843ebf575fa6179698b95c62ba345
sha1: 53d09619d97d69f96a1de6177fd09a05afd5ef23
sha256: 97d1f072fa207ed029879b5ab51d7316ef3f000650702480f7e28ec0e1cd0a46
sha512: a4e10a2b5d46b03fbf3537126e111927ecb1d15ee0273bda3ce0f879032e24bd69bb5493010508013b792843992d2b04dc5bc3866a8db7309c080f357e7e1d8c
ssdeep: 49152:2cCCXWl+nv3H8go3kSNl5SnPu78mt7YlX9X8FR+4zULHJR1ASrhGqbHncB8ohciC:5v8go3kSNl5SnPu78mt7YlX9X8FR+4z6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T134958D02F6C180B1E216357010BB6739AB35DB964E21DFC3E3A4DDB86E732A1DA2715D
sha3_384: 1e13994a378083f04c63749b8ca71c96cd46164e9a579ec44208d99f0d88d20269f1901ec9b65836c5a83aeadfde0f2b
ep_bytes: 558bec6aff68a08c5b0068404c530064
timestamp: 2021-10-17 13:19:19

Version Info:

FileVersion: 1.0.0.0
FileDescription: 用户端
ProductName: 用户端
ProductVersion: 1.0.0.0
CompanyName: 用户端
LegalCopyright: 用户端
Comments: 用户端
Translation: 0x0804 0x04b0

Trojan.Generic.31184090 (B) also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Multi.Generic.lx0k
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.31184090
FireEye: Generic.mg.f18843ebf575fa61
CAT-QuickHeal: Hacktool.Flystudio.16558
McAfee: Artemis!F18843EBF575
Cylance: Unsafe
Sangfor: Trojan.Win32.Sabsik.FL
Alibaba: AdWare:Win32/Softcnapp.a
K7GW: Trojan ( 005246d51 )
K7AntiVirus: Trojan ( 005246d51 )
BitDefenderTheta: Gen:NN.ZexaF.34232.9r0@a8aaQ9dH
Cyren: W32/Agent.EW.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
TrendMicro-HouseCall: TROJ_GEN.R002H0CJJ21
Paloalto: generic.ml
Cynet: Malicious (score: 100)
BitDefender: Trojan.Generic.31184090
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Trojan.Generic.31184090
Emsisoft: Trojan.Generic.31184090 (B)
Comodo: TrojWare.Win32.Agent.OSCF@5rs7jr
McAfee-GW-Edition: BehavesLike.Win32.Generic.th
Sophos: Generic PUA FD (PUA)
Antiy-AVL: Trojan/Generic.ASCommon.FA
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Trojan.Generic.31184090
AhnLab-V3: Trojan/Win.TrojanX-gen.R466168
Acronis: suspicious
VBA32: BScope.Backdoor.BlackHole
ALYac: Trojan.Generic.31184090
MAX: malware (ai score=82)
Malwarebytes: Trojan.MalPack.FlyStudio
APEX: Malicious
SentinelOne: Static AI – Malicious PE
eGambit: Generic.Malware
Fortinet: W32/CoinMiner.65CA!tr
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.9d97d6

How to remove Trojan.Generic.31184090 (B)?

Trojan.Generic.31184090 (B) removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.