What is “Trojan.Generic.35320591”?

The Trojan.Generic.35320591 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to run a complete scan and clean your PC.
6-day free trial available.

What can the Trojan.Generic.35320591 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Created a service that was not started
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Generic.35320591?

File Info:

name: A48FB1BA8121360277F9.mlw
path: /opt/CAPEv2/storage/binaries/4771bcb27f4c9d3239cf459f6e1d48131b243226f3ae065ab11637df4b317e18
crc32: 35FACD42
md5: a48fb1ba8121360277f99a04b594af80
sha1: adca2268ba8b5e0bf117b408ca104c6d5229e451
sha256: 4771bcb27f4c9d3239cf459f6e1d48131b243226f3ae065ab11637df4b317e18
sha512: 4f579a70e6faeb606b803f6ba045252a19080ec356d2694d750787342b3bfe3353fd06aacea79b8714a235ae6a978367ae5d14022337e0671220825eaf33fe26
ssdeep: 196608://Unc+msufPuZ864pWhhwVKJ2Kh1e+lfnYUfDzj:HMenfPY860cJJ2KDt3fDzj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A37633727C8A867AF16058F31D455634DEE7FCB85E3F8111524E1AD92E321EC680CF9A
sha3_384: 8027fee1572084f2ef21155a8c93a41724259c2a263940947e5022d42fc81b63f6b5ebf1deae73d67d3b8b75befa5a22
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 2023-12-16 19:57:33

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: DPhoneLITE Setup
FileVersion:
LegalCopyright:
ProductName: DPhoneLITE
ProductVersion: 1.2.1.6
Translation: 0x0000 0x04b0

Trojan.Generic.35320591 also known as:

Bkav: W32.Common.8FDB944B
Lionic: Trojan.Win32.Ekstak.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.35320591
FireEye: Trojan.Generic.35320591
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.wc
Cylance: unsafe
Zillya: Trojan.Ekstak.Win32.75801
Sangfor: Trojan.Win32.Ekstak.Vnc3
K7AntiVirus: Trojan ( 005722f11 )
K7GW: Trojan ( 005722f11 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002C0XCB24
Paloalto: generic.ml
Kaspersky: UDS:Trojan.Win32.Ekstak.aqrbq
BitDefender: Trojan.Generic.35320591
NANO-Antivirus: Trojan.Win32.Ekstak.kfydzu
Avast: Other:Malware-gen [Trj]
Tencent: Win32.Trojan.Ekstak.Bnhl
Emsisoft: Trojan.Generic.35320591 (B)
F-Secure: Heuristic.HEUR/AGEN.1372996
DrWeb: Trojan.Siggen22.39348
VIPRE: Trojan.Generic.35320591
TrendMicro: TROJ_GEN.R002C0XCB24
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Agent
Jiangmin: Trojan.Ekstak.cikr
Google: Detected
Avira: HEUR/AGEN.1372996
Varist: W32/Agent.HYR.gen!Eldorado
Kingsoft: Win32.Trojan.Ekstak.aqrbq
Microsoft: Program:Win32/Wacapew.C!ml
Arcabit: Trojan.Generic.D21AF30F
ViRobot: Trojan.Win.Z.Ekstak.7398105
ZoneAlarm: HEUR:Trojan.Win32.Ekstak.gen
GData: Trojan.Generic.35320591
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.C5563616
ALYac: Trojan.Generic.35320591
MAX: malware (ai score=83)
Panda: Trj/Genetic.gen
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.221577795.susgen
Fortinet: W32/Agent.SLC!tr
AVG: Other:Malware-gen [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Trojan[dropper]:Win/Ekstak.gen

How to remove Trojan.Generic.35320591?

Trojan.Generic.35320591 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.