Should I remove “Trojan.Generic.3624656”?

Trojan.Generic.3624656 is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.3624656 virus do?

  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Starts servers listening on 0.0.0.0:666, 0.0.0.0:667, 0.0.0.0:668, 0.0.0.0:670, 0.0.0.0:671, 0.0.0.0:672, 0.0.0.0:673, 0.0.0.0:674, 0.0.0.0:675, 0.0.0.0:676
  • Unconventional language used in binary resources: Polish
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Anomalous binary characteristics

How to identify Trojan.Generic.3624656?

File Info:

name: 4B8B15D9F7C0BDA59D44.mlw
path: /opt/CAPEv2/storage/binaries/4c1927bfca2fbc09f041301c8d5f620945c29d78c73a62b1f1ce2a9e773009e0
crc32: 26F393FA
md5: 4b8b15d9f7c0bda59d44d967eb77a75c
sha1: 1485ae6d2101a7540092e144771f542f68e998b9
sha256: 4c1927bfca2fbc09f041301c8d5f620945c29d78c73a62b1f1ce2a9e773009e0
sha512: 3339930bd1e3a6949fc41ef449f838df2118e38c80ed4f390b0dcae8cb820d054b4c7cccac8d503d52056e4cdb89a5b4c05510885ce9ea5975b52342ca20e4b1
ssdeep: 12288:Syu85rQxbOt8CyxZ0v8r6nf9zHwEGF7PMLImKx:bu948Cykv+6lcEGFg0mK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T150C48E22B2E04537D1275E39DC1FA3A8A839FF502A2899476BF51C4CDF3A79139291D3
sha3_384: de43d713131ac4154cead1f65d812142f2010c3a8881bb9439d089ade86d6e9005395401d1f79061336aa097aac53adc
ep_bytes: 558bec83c4f0b868544700e85412f9ff
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Trojan.Generic.3624656 also known as:

MicroWorld-eScan: Trojan.Generic.3624656
FireEye: Generic.mg.4b8b15d9f7c0bda5
McAfee: Artemis!4B8B15D9F7C0
Cylance: Unsafe
Sangfor: Trojan.Win32.Wacatac.C
Alibaba: Backdoor:Win32/Generic.36491fc2
Cybereason: malicious.9f7c0b
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Trojan.Generic.3624656
NANO-Antivirus: Trojan.Win32.Banker1.ejofur
Avast: Win32:Trojan-gen
Ad-Aware: Trojan.Generic.3624656
Emsisoft: Trojan.Generic.3624656 (B)
Comodo: Suspicious@#rhupid6gtvp0
DrWeb: Trojan.PWS.Banker1.10057
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Bactera.hh
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Trojan.Generic.3624656
Webroot: W32.Malware.Gen
Avira: BDS/Backdoor.Gen2
Kingsoft: Win32.Troj.Generic.(kcloud)
Microsoft: Trojan:Win32/Ymacco.AA4C
Cynet: Malicious (score: 100)
ALYac: Trojan.Generic.3624656
MAX: malware (ai score=80)
Tencent: Trojan.Win32.BitCoinMiner.la
Ikarus: Trojan-Dropper.Delf
eGambit: Generic.Malware
BitDefenderTheta: Gen:NN.ZelphiF.34294.HGW@a0Qei8kG
AVG: Win32:Trojan-gen
Panda: Generic Malware
MaxSecure: Trojan.Malware.300983.susgen

How to remove Trojan.Generic.3624656?

Trojan.Generic.3624656 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.