
Trojan.Generic.31263528 information


Trojan.Generic.31263528 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Generic.31263528 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • NtSetInformationThread: attempt to hide thread from debugger
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Queries information on disks, possibly for anti-virtualization
  • Checks for the presence of known windows from debuggers and forensic tools
  • CAPE detected the RedLine malware family
  • Checks for the presence of known devices from debuggers and forensic tools
  • Detects VirtualBox through the presence of a device
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Trojan.Generic.31263528?

File Info:

name: 999162A7AADFD5DD2AA5.mlw
path: /opt/CAPEv2/storage/binaries/8a763d278f74ce3350f109fe9a84ff74aa1dca48b9c001cb360c3d59c2cd5c51
crc32: B6D633E7
md5: 999162a7aadfd5dd2aa59c91e4caa967
sha1: c6115d2b3bdaa30207e4e94f2f14211cca403ea0
sha256: 8a763d278f74ce3350f109fe9a84ff74aa1dca48b9c001cb360c3d59c2cd5c51
sha512: 4b8c43ccd44f6498ee76c56903b23d499110ef9271a46c94b41a5ac371b03c57aaba949559c96aeef328b783d3de720786f61feaed57bafe75aa31778e5b40a4
ssdeep: 24576:Wg9EusebVjI6HzTHmTSbqzW3QKIdvuoEmm:WgWu9VjzTpKW3fboLm
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16335BC8D66C0F210EC5536BD57B2D63123027E17ACA7923EA2B4766FCB72582CE3914D
sha3_384: 96b7ec914c5674f372e20d60f0dd336e13cc2b0c048865b83c737b61f7d5f6772d34322ca4febb77d1adce7d9a3a1200
ep_bytes: eb05c6cb9e606450eb05338df18c11e8
timestamp: 2105-06-17 10:44:44

Version Info:

CompanyName: Piriform Software Ltd
FileDescription: CCleaner Installer
FileVersion: 5.87.0.9306
LegalCopyright: Copyright © 2005-2021 Piriform Software Ltd
ProductName: CCleaner
Translation: 0x0000 0x04b0

Trojan.Generic.31263528 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.MSIL.Convagent.7!c
MicroWorld-eScan: Trojan.Generic.31263528
FireEye: Generic.mg.999162a7aadfd5dd
McAfee: Artemis!999162A7AADF
Cylance: Unsafe
K7AntiVirus: Trojan ( 0058b9741 )
Alibaba: TrojanSpy:Win32/Stealer.493ba045
K7GW: Trojan ( 0058b9741 )
Cybereason: malicious.b3bdaa
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.Obsidium.CW
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Spy.Win32.Stealer.apzl
BitDefender: Trojan.Generic.31263528
Avast: Win32:Trojan-gen
Ad-Aware: Trojan.Generic.31263528
Sophos: Mal/Generic-S
Comodo: .UnclassifiedMalware@0
DrWeb: Trojan.PWS.Steam.23483
TrendMicro: TrojanSpy.Win32.REDLINESTEALER.X
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Emsisoft: Trojan.Generic.31263528 (B)
Ikarus: Trojan.SuspectCRC
GData: Trojan.Generic.31263528
Jiangmin: TrojanSpy.Stealer.kzx
MAX: malware (ai score=100)
Kingsoft: Win32.Troj.Banker.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D1DD0B28
ViRobot: Trojan.Win32.Z.Agent.1098528
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34084.dr3@ayUOp@ci
ALYac: Trojan.Generic.31263528
VBA32: BScope.Trojan.Packed
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TrojanSpy.Win32.REDLINESTEALER.X
Rising: Trojan.Generic@ML.100 (RDMK:Ul72pJ89LkyavUK78aqEZg)
Yandex: TrojanSpy.Stealer!dU3NZuxjzcw
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Trojan-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_80% (W)

How to remove Trojan.Generic.31263528?

Trojan.Generic.31263528 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
