
Trojan.Generic.KDZ.2968 malicious file


The Trojan.Generic.KDZ.2968 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.KDZ.2968 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • Attempted to write to a harddisk volume
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)

How to identify Trojan.Generic.KDZ.2968?


File Info:

name: 6A08E81D1D5050FE2F34.mlw
path: /opt/CAPEv2/storage/binaries/6c6a0ab7cb1b495f01bd5a25395b1a44352a036b4d4382ab70e555db87c95974
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-05-13 05:48:08

Version Info:

0: [No Data]

Trojan.Generic.KDZ.2968 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.KDZ.2968
FireEye: Generic.mg.6a08e81d1d5050fe
McAfee: ZeroAccess.ib
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 0040f2651 )
K7AntiVirus: Trojan ( 0040f2651 )
BitDefenderTheta: Gen:NN.ZexaF.36318.mqW@aatDNQe
Cyren: W32/Zaccess.AG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.ARKC
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Generic.KDZ.2968
NANO-Antivirus: Trojan.Win32.ZAccess.bgiihm
SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
Avast: Win32:MalOb-IJ [Cryp]
Tencent: Win32.Trojan.Generic.Dkjl
Emsisoft: Trojan.Generic.KDZ.2968 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.DownLoader7.47591
VIPRE: Trojan.Generic.KDZ.2968
TrendMicro: TROJ_KREPTK.SM05
McAfee-GW-Edition: ZeroAccess.ib
Trapmine: malicious.high.ml.score
Sophos: Mal/EncPk-AHJ
SentinelOne: Static AI – Suspicious PE
GData: Trojan.Generic.KDZ.2968
Jiangmin: Backdoor/PMax.ir
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Win32.AGeneric
Xcitium: TrojWare.Win32.Kryptik.ARKB@4tbnte
Arcabit: Trojan.Generic.KDZ.DB98
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Sirefef.P
Cynet: Malicious (score: 100)
AhnLab-V3: Backdoor/Win32.PMax.R47777
VBA32: BScope.Trojan.Downloader
ALYac: Trojan.Generic.KDZ.2968
MAX: malware (ai score=87)
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_KREPTK.SM05
Rising: Trojan.Sirefef!8.137 (TFE:1:XrPTrAioZKI)
Ikarus: Backdoor.Win32.ZAccess
Fortinet: W32/ZeroAccess.B!tr
AVG: Win32:MalOb-IJ [Cryp]
Cybereason: malicious.d1d505
DeepInstinct: MALICIOUS

How to remove Trojan.Generic.KDZ.2968?

Trojan.Generic.KDZ.2968 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
