Trojan.Generic.31351383 removal

Trojan.Generic.31351383 is a generic detection name: it comes from the BitDefender engine's Trojan.Generic family, is reported under the same name by MicroWorld-eScan, Ad-Aware, Emsisoft and ALYac, and appears in hexadecimal as Trojan.Generic.D1DE6257 at Arcabit. A generic signature says the file looks like a trojan, not which trojan it is, so the vendor names further down (Azorult, SmokeLoader, Tofsee, STOP) should be read as competing guesses, not confirmed attribution. When the infection is active you may notice unfamiliar processes in Task Manager; in that case it is advised to scan the computer with GridinSoft Anti-Malware.

Manual removal can take hours and, done wrong, can damage the system. We recommend GridinSoft Anti-Malware for removal; the trial version lets you run a full scan and clean the PC. A 6-day free trial is available.

What can Trojan.Generic.31351383 do?

The following are the behavioural signatures CAPE Sandbox raised when this sample was detonated:

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Divehi
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location

Read together, these are the marks of a crypter stub rather than of any one payload: the file carries compressed or encrypted data in a non-standard section, resolves its imports at run time, unpacks into RWX memory, and hands the decrypted payload to a hollowed child process. The invalid Authenticode signature and the odd resource language (Divehi) are static oddities worth checking on their own; the early exit after reading the local time means the sample may not run its payload at all on an analysis machine whose clock is outside the window it expects.

How to identify Trojan.Generic.31351383?

Match a suspect file against the identifiers below, taken from the CAPE sandbox analysis of this sample. The md5/sha1/sha256/sha512 values identify this exact file only; ssdeep and tlsh are similarity hashes and can still match related builds that the exact hashes miss.
File Info:

name: 7723D9E3744F2C719EEA.mlw
path: /opt/CAPEv2/storage/binaries/4ff4485f5ecad1d8e16eda6b3f6ffe45010248d14983ca7cdf3fddd0871b7273
crc32: 2C2D7A31
md5: 7723d9e3744f2c719eeabc6b8a493fdb
sha1: f94cdfb2cc72541b69ffa4883806957d4d3d1751
sha256: 4ff4485f5ecad1d8e16eda6b3f6ffe45010248d14983ca7cdf3fddd0871b7273
sha512: 7e009df382c1f1650e3cab8fd7998c9d3c00f9a5ae0b53993bfbc72cfd1155408eb141d5b616261129cbacec8a49882532027398582f809865c0ce284ed75f1e
ssdeep: 6144:mYHfwZpP1Ls/vdoRRur7spCMuNhA+mnY9JbLQz+B6u:mSwZ91Lccur7spCMuNhA+pRLQa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E6746A10B7A0C035F1B312F889B952B4A52F7EE16B3491CB53D626EE96356E0ED3070B
sha3_384: eb39ddc62838e0f1841e3c881a5202cd9362d949c9b28a3dfb17c076b8f9e6547648d0c4f6fd5795c05397ea22197376
ep_bytes: 8bff558bece876890000e8110000005d
timestamp: 2020-11-05 03:40:42

Version Info:

0: [No Data]
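To check a suspect file against the identifiers above without uploading it anywhere, here is an added example (not GridinSoft's or CAPE's code) that hashes the file, compares it with the published md5/sha1/sha256/crc32, and reads the compile timestamp, entry-point bytes and section names straight from the PE header using only the standard library. The IOC values are copied from the File Info block; the common-section whitelist and the build_minimal_pe test image are assumptions made for this example.

```python
"""Triage helper: hash a suspect file, compare it with the indicators published
above, and pull the same PE facts (compile timestamp, entry-point bytes, section
names) that the File Info block reports.  Added example, not GridinSoft or CAPE code."""
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Exact-match indicators copied from the File Info block of this page.
KNOWN_HASHES = {
    "md5": "7723d9e3744f2c719eeabc6b8a493fdb",
    "sha1": "f94cdfb2cc72541b69ffa4883806957d4d3d1751",
    "sha256": "4ff4485f5ecad1d8e16eda6b3f6ffe45010248d14983ca7cdf3fddd0871b7273",
    "crc32": "2C2D7A31",
}

# Section names a normally linked Windows binary carries.  This whitelist is an
# editorial assumption used to mimic the "unknown PE section name" signature; it
# is not CAPE's own list.
COMMON_SECTION_NAMES = {
    ".text", ".data", ".rdata", ".idata", ".edata", ".pdata", ".rsrc", ".reloc",
    ".bss", ".tls", ".CRT", ".debug", ".xdata", ".gfids", ".00cfg", ".sxdata",
}


def hash_bytes(data: bytes) -> dict:
    """md5/sha1/sha256/crc32 in the same notation as the File Info block."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
    }


def ioc_matches(hashes: dict) -> list:
    """Which of the published hashes the computed ones match (case-insensitive)."""
    return [k for k, v in KNOWN_HASHES.items() if hashes.get(k, "").lower() == v.lower()]


def parse_pe(data: bytes) -> dict:
    """Minimal PE header walk (no third-party modules); raises ValueError on non-PE input."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                                 # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint
    sections, ep_off = [], None
    for i in range(nsec):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, opt + opt_size + i * 40)
        sections.append(name.rstrip(b"\0").decode("latin-1"))
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            ep_off = rawptr + (entry_rva - vaddr)   # map the entry RVA to a file offset
    return {
        "machine": f"{machine:#06x}",
        "pe32": magic == 0x10B,
        "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": data[ep_off:ep_off + 16].hex() if ep_off is not None else "",
        "sections": sections,
    }


def unusual_sections(names) -> list:
    """Section names outside the usual set, the way a packer stub (e.g. UPX1) shows up."""
    return [n for n in names if n not in COMMON_SECTION_NAMES]


def triage(data: bytes) -> dict:
    """Combine hash matching and PE facts into one report."""
    hashes = hash_bytes(data)
    report = {"hashes": hashes, "ioc_matches": ioc_matches(hashes)}
    try:
        pe = parse_pe(data)
        report.update(pe)
        report["unusual_sections"] = unusual_sections(pe["sections"])
    except ValueError as exc:
        report["pe_error"] = str(exc)
    return report


def build_minimal_pe(section_names, timestamp, entry_code=bytes.fromhex("8bff558bece876890000e8110000005d")) -> bytes:
    """Construct a tiny, non-runnable PE32 image so the parser can be exercised offline.
    The default entry bytes are the ep_bytes value from the File Info block (constructed test input)."""
    e_lfanew, opt_size = 0x40, 96                   # 96-byte optional header, no data directories
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), timestamp, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)           # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)         # entry point = start of first section
    hdr_len = e_lfanew + 4 + len(coff) + opt_size + 40 * len(section_names)
    raw_base = (hdr_len + 0x1FF) & ~0x1FF           # 0x200 file alignment
    table, body = b"", b""
    for i, name in enumerate(section_names):
        table += struct.pack("<8sIIIIIIHHI", name.encode(), 0x200, 0x1000 * (i + 1),
                             0x200, raw_base + 0x200 * i, 0, 0, 0, 0, 0x60000020)
        body += (entry_code if i == 0 else b"").ljust(0x200, b"\0")
    image = dos + b"PE\0\0" + coff + bytes(opt) + table
    return image.ljust(raw_base, b"\0") + body


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    blob = open(path, "rb").read() if path else build_minimal_pe([".text", "UPX1"], 1604547642)
    for key, value in triage(blob).items():
        print(f"{key}: {value}")
```

Run it as `python triage.py sample.bin`; with no argument it parses a self-built image whose entry bytes and timestamp reproduce the ep_bytes and timestamp fields above. Expect ioc_matches to be empty for anything but this exact sample; the script does not compute ssdeep or tlsh, so use the published values of those with the corresponding tools when hunting for repacked variants.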

Trojan.Generic.31351383 also known as (vendor: detection name):

Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen16.21898
MicroWorld-eScan: Trojan.Generic.31351383
FireEye: Generic.mg.7723d9e3744f2c71
CAT-QuickHeal: Trojan.Azorult
McAfee: Packed-GEE!7723D9E3744F
Malwarebytes: Trojan.MalPack.GS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
K7GW: Riskware ( 0040eff71 )
Cyren: W32/Kryptik.FSC.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNVO
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packed.Generic-9918587-0
Kaspersky: HEUR:Trojan.Win32.Strab.gen
BitDefender: Trojan.Generic.31351383
Avast: Win32:CrypterX-gen [Trj]
Tencent: Backdoor.Win32.Tofsee.16000134
Ad-Aware: Trojan.Generic.31351383
Sophos: Mal/Generic-S + Troj/Krypt-FV
F-Secure: Trojan.TR/Crypt.Agent.phgfk
TrendMicro: Trojan.Win32.SMOKELOADER.YXBL5Z
McAfee-GW-Edition: BehavesLike.Win32.MultiPlug.fm
Emsisoft: Trojan.Generic.31351383 (B)
Ikarus: Trojan.Win32.Crypt
GData: Win32.Trojan.BSE.554AXK
Jiangmin: Backdoor.Tofsee.fip
Avira: TR/Crypt.Agent.phgfk
Kingsoft: Win32.PSWTroj.Undef.(kcloud)
Arcabit: Trojan.Generic.D1DE6257
Microsoft: Trojan:Win32/Azorult.RTH!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Ransomware/Win.Stop.R461538
Acronis: suspicious
VBA32: TrojanPSW.Racealer
ALYac: Trojan.Generic.31351383
MAX: malware (ai score=82)
Cylance: Unsafe
TrendMicro-HouseCall: Trojan.Win32.SMOKELOADER.YXBL5Z
Rising: Malware.Obscure!1.A3BB (CLOUD)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Kryptik.HNWJ!tr
AVG: Win32:CrypterX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)

Most of these verdicts (Kryptik, CrypterX, MalPack, Packed-GEE, Crypt.Agent, Win.Packed.Generic) describe the packer, not the payload, and the vendors that do name a family disagree with each other: Azorult (CAT-QuickHeal, Microsoft), SmokeLoader (TrendMicro), Tofsee (Tencent, Jiangmin), STOP ransomware (AhnLab-V3) and a password stealer (Kingsoft, VBA32). Treat the family as unconfirmed until the unpacked payload has been examined; the BitDefender name and Arcabit's D1DE6257 are the same signature number in decimal and hexadecimal.

How to remove Trojan.Generic.31351383?

Trojan.Generic.31351383 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart your computer.

Because the sandbox saw this sample hollow and inject into other processes, cleaning the file on disk can leave injected code running until the reboot; run a second scan after restarting, and confirm that the quarantined file is this sample by comparing its hashes with the File Info above.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.