Trojan.Generic.32104322 removal

Trojan.Generic.32104322 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.32104322 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Transacted Hollowing
  • CAPE detected the Zegost malware family
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Generic.32104322?


File Info:

name: F29B28C468CD79638C00.mlw
path: /opt/CAPEv2/storage/binaries/3e87b031bf49e2fc2d7a92b03fe56dbd36ff14f3f58c64d209551e3360058415
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-11-07 13:02:47

Version Info:

CompanyName: Incredibuild Software Ltd.
FileDescription: Incredibuild Setup 10.1.2 (build 4821)
FileVersion: 10.1.2 (build 4821)
InternalName: install.exe
LegalCopyright: Copyright © 2001-2022 Incredibuild Software Ltd.
LegalTrademarks:
OriginalFilename: install.exe
ProductName: Incredibuild
ProductVersion: 10.1.2 (build 4821)
Comments:
Translation: 0x0409 0x01b5

Trojan.Generic.32104322 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
FireEye: Generic.mg.f29b28c468cd7963
Cylance: unsafe
Sangfor: Trojan.Win32.Farfli.V00s
K7AntiVirus: Trojan ( 0054456a1 )
Alibaba: Trojan:Win32/Farfli.b7902b64
K7GW: Trojan ( 0054456a1 )
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: Win32/Farfli.CPE
APEX: Malicious
Kaspersky: VHO:Trojan.Win32.Agent.gen
BitDefender: Trojan.Generic.32104322
MicroWorld-eScan: Trojan.Generic.32104322
Avast: Win32:MalwareX-gen [Trj]
Tencent: Malware.Win32.Gencirc.13acc6f3
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/AD.Farfli.fpvyp
VIPRE: Trojan.Generic.32104322
Emsisoft: Trojan.Generic.32104322 (B)
Ikarus: Backdoor.Win32.Inject
GData: Win32.Backdoor.Zegost.6TAOT0
Google: Detected
Avira: TR/AD.Farfli.fpvyp
Antiy-AVL: Trojan/Win32.Farfli
Arcabit: Trojan.Generic.D1E9DF82
ZoneAlarm: VHO:Trojan.Win32.Agent.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
BitDefenderTheta: Gen:NN.ZexaCO.36680.@x0@aKH@2Xik
ALYac: Trojan.Generic.32104322
MAX: malware (ai score=80)
VBA32: suspected of Trojan.Downloader.gen
Malwarebytes: AutoRun.Spyware.Stealer.DDS
Rising: Trojan.Generic@AI.100 (RDML:l5A1pomAhBSiq0g6S4Z3kw)
MaxSecure: Trojan.Malware.193736104.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:MalwareX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan.Generic.32104322?

Trojan.Generic.32104322 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.