Trojan.GenericFC.S16691458 (file analysis)

The Trojan.GenericFC.S16691458 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.GenericFC.S16691458 virus can do?

Executable code extraction
Creates RWX memory
Drops a binary and executes it
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
The binary likely contains encrypted or compressed data.
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
Network activity detected but not expressed in API logs

Related domains:

ip-api.com

salivary-senses.000webhostapp.com

How to determine Trojan.GenericFC.S16691458?


File Info:
crc32: 672A613F
md5: aa800634b57f5faad88bfecc9b5ac6ca
name: AA800634B57F5FAAD88BFECC9B5AC6CA.mlw
sha1: 9d2baf59df2a6f9b320833bfad8b1c1299ed9d18
sha256: e6beb296cff4c2d4f1a937ad63e631ed33c3573172dc62ebc873fa9fe9f205a0
sha512: 789753c3d437f2f8695dd2382539f2a4f704112a94eb7ffcc58af5fa4305bbcfd26c8a7ff49f361f6743e0aff787e26730c8bf34a4864fc9d84225dfef4a6b76
ssdeep: 12288:cy902sbD6GpoCrMt6aA/RUBi3vxTTGBRLuL:cyMXVrxZ6+JTK6
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: Wextract                
FileVersion: 11.00.10240.16384 (th1.150709-1700)
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
ProductVersion: 11.00.10240.16384
FileDescription: Win32 Cabinet Self-Extractor                                           
OriginalFilename: WEXTRACT.EXE            .MUI
Translation: 0x0409 0x04b0

Trojan.GenericFC.S16691458 also known as:

K7AntiVirus	Spyware ( 004bd3191 )
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.PWS.Stealer.18353
Cynet	Malicious (score: 99)
CAT-QuickHeal	Trojan.GenericFC.S16691458
ALYac	Trojan.GenericKD.36225208
Cylance	Unsafe
Zillya	Trojan.Generic.Win32.1322579
Sangfor	Trojan.Win32.Generic.ky
Alibaba	TrojanBanker:MSIL/ClipBanker.9968f92a
K7GW	Spyware ( 004bd3191 )
Cybereason	malicious.4b57f5
Cyren	W32/Perseus.T.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	multiple detections
Zoner	Trojan.Win32.60682
APEX	Malicious
Avast	Win32:TrojanX-gen [Trj]
ClamAV	Win.Packed.Clipbanker-9782972-0
Kaspersky	UDS:Trojan.Win32.Generic
BitDefender	Trojan.GenericKD.36225208
NANO-Antivirus	Trojan.Win32.KeyLogger.dklttv
MicroWorld-eScan	Trojan.GenericKD.36225208
Tencent	Win32.Trojan.Generic.Lohk
Ad-Aware	Trojan.GenericKD.36225208
Sophos	Mal/Generic-S
Comodo	Malware@#tsbgzlfuyehr
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TrojanSpy.MSIL.PASSTEAL.SMD1
McAfee-GW-Edition	GenericRXJL-MW!8D47469FB45D
FireEye	Generic.mg.aa800634b57f5faa
Emsisoft	Trojan.GenericKD.36225208 (B)
SentinelOne	Static AI – Malicious SFX
Jiangmin	Trojan.Banker.MSIL.asn
Avira	HEUR/AGEN.1106072
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Generic.ASMalwS.22AB4F5
Microsoft	Trojan:MSIL/ClipBanker.A!MTB
GData	MSIL.Trojan.Clipbanker.L
McAfee	Artemis!AA800634B57F
MAX	malware (ai score=89)
Malwarebytes	Trojan.Downloader
TrendMicro-HouseCall	TrojanSpy.MSIL.PASSTEAL.SMD1
Rising	Spyware.ClipBanker!1.C5DA (CLASSIC)
Yandex	Trojan.Agent!9wgTP2mqT/I
Fortinet	MSIL/SpyPSW.AVQ!tr
AVG	Win32:TrojanX-gen [Trj]

How to remove Trojan.GenericFC.S16691458?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Trojan.GenericFC.S16691458 (file analysis)