Should I remove “Trojan.Generic.31361388”?

Trojan.Generic.31361388 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.31361388 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan.Generic.31361388?

File Info:

name: A06785863A6FF50FDAB7.mlw
path: /opt/CAPEv2/storage/binaries/bba80a33ec8cc3e9673a45ba08c72957b56e700846c55058e112b1d8b0fc1c62
crc32: 9B685518
md5: a06785863a6ff50fdab700d071ba18f8
sha1: c178ee63207f405ab55fbfb5332311d5810762b3
sha256: bba80a33ec8cc3e9673a45ba08c72957b56e700846c55058e112b1d8b0fc1c62
sha512: 214578ddce11cca3944fba04d964975ebcee4aa99a5bd7bc54a820f9d95b21c70363c8244020d422c542558cc3a08a74374e3f93540805228b8973e481c36bb4
ssdeep: 12288:G5e5n9ScbfHZEw8QKQS03ULaHNqrxlKIQNo1TC+K5DyoxjFr:VZ37mRkEaHNYK3P+K5Dyox5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T140B423EF57848E06D2CF5778A8686FDD855C3C0DFFB93043A2B466976E471082A6C1B8
sha3_384: 2df49378b7315eaec5c4bb8e7eddd6c844f41bcdcfa74d47106bd18cd4f48ad36154fd2301db9ab799802a6de86674ab
ep_bytes: 6801104500e801000000c3c3f2cc77b5
timestamp: 2021-12-30 12:46:29

Version Info:

CompanyName: GitHub, Inc.
FileDescription: Atom
FileVersion: 1.58.0
InternalName: atom
LegalCopyright: Copyright © 2014-2021 GitHub, Inc. All rights reserved.
OriginalFilename: atom.exe
ProductName: Atom
ProductVersion: 1.58.0
SquirrelAwareVersion: 1
Translation: 0x0409 0x04b0

Trojan.Generic.31361388 also known as:

Lionic: Trojan.Win32.Stealer.l!c
Elastic: malicious (high confidence)
ClamAV: Win.Trojan.Generic-9907417-0
FireEye: Generic.mg.a06785863a6ff50f
CAT-QuickHeal: Trojan.StealerRI.S25742670
McAfee: RDN/Sabsik
Cylance: Unsafe
K7AntiVirus: Trojan ( 0058c18f1 )
Alibaba: TrojanSpy:Win32/Stealer.ed0b832e
K7GW: Trojan ( 0058c18f1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.Asprotect.KY
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.Stealer.avwt
BitDefender: Trojan.Generic.31361388
MicroWorld-eScan: Trojan.Generic.31361388
Avast: Win32:PWSX-gen [Trj]
Ad-Aware: Trojan.Generic.31361388
Emsisoft: Trojan.Generic.31361388 (B)
Comodo: Malware@#1jgev86ys6211
DrWeb: Trojan.PWS.Steam.24271
TrendMicro: TROJ_FRS.0NA103A122
McAfee-GW-Edition: RDN/Sabsik
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Spy
GData: Win32.Trojan.PSE.1ON7GNP
Jiangmin: TrojanSpy.Stealer.miq
Webroot: W32.Adware.Gen
Avira: TR/AD.RedLineSteal.kgbjb
Antiy-AVL: Trojan/Generic.ASMalwS.34FC400
Kingsoft: Win32.Troj.Stealer.av.(kcloud)
Gridinsoft: Trojan.Heur!.012120B1
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Trojan/Win.PWSX-gen.R461788
VBA32: TrojanPSW.Convagent
ALYac: Spyware.Infostealer.RedLine
MAX: malware (ai score=80)
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TROJ_FRS.0NA103A122
Rising: Spyware.Stealer!8.3090 (CLOUD)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.A7D6!tr
BitDefenderTheta: Gen:NN.ZexaF.34114.GG1aaGrnDEdk
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Generic.31361388?

Trojan.Generic.31361388 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
