Should I remove “Trojan.Generic.31249666”?

Trojan.Generic.31249666 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.31249666 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Collects and encrypts information about the computer likely to send to C2 server
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Attempts to interact with an Alternate Data Stream (ADS)

How to identify Trojan.Generic.31249666?

File Info:

name: 9D42E5D695900C7DC7BA.mlw
path: /opt/CAPEv2/storage/binaries/1b28ab2f8492ca75c14840b595f9c23d4a1db1a914a07bd801bcf8fc4294695c
crc32: 57EFAB1B
md5: 9d42e5d695900c7dc7baf82a80a1c2c3
sha1: 686cf8d6e7e959c8d326974e13a9083fe062b076
sha256: 1b28ab2f8492ca75c14840b595f9c23d4a1db1a914a07bd801bcf8fc4294695c
sha512: fe2eb2d4dd59baf57d1e901d3fc80831bacfedcdd83bc8c4c1c791c6ae84cee19dd16e61af9236f32b301b5c974e8fbd5b59e79b59294a495c8e4dc9082c9684
ssdeep: 6144:DmVu7hs/FEHbTP2nhnzBmYZ0DGdNwP6t+DKuoikgLQ178blt6hIxZWVhY1KfOOIr:9yFEPqhnz3JFF/8TsVx+PUYSjSSg+nY
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T106A4280477D54F11C29E19BAD4F10C08E3B5D99B1B53F35BE6C929F82E22B9FD889242
sha3_384: 690291b1dc95f22b4013898f05fda7976e4e82f4b014106df2cc1cdd05f754439f3acdfd0839b76e1bba8da8d88194ae
ep_bytes: ff25002040000ee9a2e1000000000000
timestamp: 2018-03-19 08:31:16

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Activision Blizzard
FileDescription: Battle NET lancher
FileVersion: 5.1.1.9
InternalName: launcher.exe
LegalCopyright: Copyright Blizzard © 2016
LegalTrademarks:
OriginalFilename: launcher.exe
ProductName: launcher
ProductVersion: 5.1.1.9
Assembly Version: 5.1.1.9

Trojan.Generic.31249666 also known as:

Lionic: Trojan.MSIL.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.31249666
FireEye: Generic.mg.9d42e5d695900c7d
McAfee: GenericRXCZ-DV!9D42E5D69590
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_70% (D)
Alibaba: Trojan:MSIL/MalwareX.db76f88a
K7GW: Riskware ( 0050b1e11 )
K7AntiVirus: Riskware ( 0050b1e11 )
BitDefenderTheta: Gen:NN.ZemsilF.34062.Cm0@aKF5kJm
Cyren: W32/MSIL_Agent.CLL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Riskware.GameHack.Z
TrendMicro-HouseCall: TROJ_GEN.R002C0PL421
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.MSIL.Generic
BitDefender: Trojan.Generic.31249666
Avast: Win32:MalwareX-gen [Trj]
Tencent: Msil.Trojan.Generic.Huza
Ad-Aware: Trojan.Generic.31249666
Sophos: Mal/Generic-S
Comodo: Application.MSIL.GameHack.Z@7kilc4
TrendMicro: TROJ_GEN.R002C0PL421
McAfee-GW-Edition: BehavesLike.Win32.Generic.gh
Emsisoft: Trojan.Generic.31249666 (B)
SentinelOne: Static AI – Malicious PE
GData: Win32.Trojan.Agent.B0KLAA
Jiangmin: Trojan.MSIL.mwnq
eGambit: Unsafe.AI_Score_99%
Avira: HEUR/AGEN.1128570
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Generic.ASMalwS.25291EB
Arcabit: Trojan.Generic.D1DCD502
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Unwanted/Win32.GameHack.R221945
Acronis: suspicious
VBA32: TScope.Trojan.MSIL
ALYac: Trojan.Generic.31249666
Malwarebytes: Malware.AI.3635851226
APEX: Malicious
Ikarus: PUA.MSIL.Riskware
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.SHR!tr
AVG: Win32:MalwareX-gen [Trj]
Panda: Trj/GdSda.A

How to remove Trojan.Generic.31249666?

Trojan.Generic.31249666 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.