Trojan.Generic.34324610 (file analysis)

Trojan.Generic.34324610 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Generic.34324610 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Transacted Hollowing
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Generic.34324610?

File Info:

name: 66A6F11A1753F20D927D.mlw
path: /opt/CAPEv2/storage/binaries/d79569ff5614d1243d6959c5905276953a649f8ee404fef2d108e1eb225b4c3e
crc32: D853C9F1
md5: 66a6f11a1753f20d927d95b8c0b1e394
sha1: 6db90ff29ec226e58983ec92aead57a339c580c8
sha256: d79569ff5614d1243d6959c5905276953a649f8ee404fef2d108e1eb225b4c3e
sha512: 62ec51bcb9e7653274dfb8c746238fea22a13cf978528c858197e18afa048746396b91582c2a48e18efab19b62d3670497145d745b8e1a6e22adf750e86e87e5
ssdeep: 49152:h2C4CUxPCdrX+oCkOciIQPeadZzip2vBxC3N/K6jmjqtExUi30/5UTSv:kC4C2CdruFTItpeY3N/KdjqtEai3iUTY
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C7D5332BB5A254F2D1A67DF91D28B06EC42A7E720470F294647D1C9FAAEB108F05F7D0
sha3_384: 7d223a16cf8be18be0a1bdb6cf1a1bb1c5f046da57061b391fc13ed3eed9c3995e6c42cbe7068aceff0f728ce7516b24
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 2023-10-16 19:40:57

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Sweet Home 3D Setup
FileVersion:
LegalCopyright:
ProductName: Sweet Home 3D
ProductVersion:
Translation: 0x0000 0x04b0

Trojan.Generic.34324610 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Ekstak.4!c
MicroWorld-eScan: Trojan.Generic.34324610
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.vc
ALYac: Trojan.Generic.34324610
Malwarebytes: Adware.DownloadAssistant
VIPRE: Trojan.Generic.34324610
Sangfor: Dropper.Win32.Ekstak.Vshn
K7AntiVirus: Trojan ( 005722fe1 )
Alibaba: TrojanDropper:Win32/Ekstak.7cfbd030
K7GW: Trojan ( 005722fe1 )
CrowdStrike: win/malicious_confidence_60% (W)
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
Cynet: Malicious (score: 99)
APEX: Malicious
Kaspersky: Trojan.Win32.Ekstak.apgri
BitDefender: Trojan.Generic.34324610
Avast: Other:Malware-gen [Trj]
Tencent: Win32.Trojan.Ekstak.Ximw
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Drop.Agent.qhhag
DrWeb: Trojan.Siggen21.47633
Zillya: Trojan.Ekstak.Win32.74533
TrendMicro: TROJ_GEN.R002C0XKM23
FireEye: Trojan.Generic.34324610
Emsisoft: Trojan.Generic.34324610 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: TrojanDownloader.Dlass.nu
Varist: W32/ABRisk.FJNA-1593
Avira: TR/Drop.Agent.qhhag
MAX: malware (ai score=89)
Microsoft: Trojan:Win32/ICLoader.JLK!MTB
Arcabit: Trojan.Generic.D20BC082
ViRobot: Trojan.Win.Z.Agent.2980800
ZoneAlarm: Trojan.Win32.Ekstak.apgri
GData: Trojan.Generic.34324610
AhnLab-V3: Trojan/Win.Malware-gen.R618544
McAfee: Artemis!66A6F11A1753
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0XKM23
Ikarus: Trojan-Dropper.Win32.Agent
MaxSecure: Trojan.Malware.219522285.susgen
Fortinet: W32/Agent.SLC!tr
AVG: Other:Malware-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan.Generic.34324610?

Trojan.Generic.34324610 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.