
Trojan.GenericPMF.S24432116 removal


Trojan.GenericPMF.S24432116 is considered dangerous by many security vendors. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.GenericPMF.S24432116 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Divehi
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Detects Avast Antivirus through the presence of a library
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization

How to identify Trojan.GenericPMF.S24432116?

File Info:

name: 82199669E75AEC309BD0.mlw
path: /opt/CAPEv2/storage/binaries/2dc346ac9eb8c9f2d929a2c0242b2b78c37c63f1c8d62d6a8216f7f4c08be8ed
crc32: C3DD7F7E
md5: 82199669e75aec309bd0c99cd23c056c
sha1: 4beca2298a222668b87ab9e3616435176a82c79e
sha256: 2dc346ac9eb8c9f2d929a2c0242b2b78c37c63f1c8d62d6a8216f7f4c08be8ed
sha512: a734b70f17cc1f7ca1f959c7b3776dd539d94efca03617c2f13a3fc5d70b1c48b636f72bbdd3d0ab90e990c0b5e5e6be081a710abd94198039f37495981d3f32
ssdeep: 3072:f5XPUy8xsQswuz7bvPDkhsG4zBNQYdTFa7P5s53Z89Wrxpzbgqru:hXPcxsEuzXnDkA9f9Fk5IZWuzbgwu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T121049E3C36FDC871C4A3163048A1CAA59A7ABC22557441CB2794272E5F70F9C5EEB36E
sha3_384: e564d8186b316fdd5d731d19b6962bcc95c45941a9e1f87895b3ecd11ff89100d19d0de9fd8f259893f3f81138e6d67e
ep_bytes: e870480000e989feffff8bff558bec83
timestamp: 2021-01-03 15:33:56

Version Info:

InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkagat
ProductVersion: 75.54.30.5
Translation: 0x0195 0x047e

Trojan.GenericPMF.S24432116 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Zbot.m6l9
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen15.32641
MicroWorld-eScan: Trojan.GenericKDZ.79480
FireEye: Generic.mg.82199669e75aec30
CAT-QuickHeal: Trojan.GenericPMF.S24432116
ALYac: Trojan.GenericKDZ.79480
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00589b2b1 )
Alibaba: Ransom:Win32/StopCrypt.86db1add
K7GW: Trojan ( 00589b2b1 )
Cybereason: malicious.98a222
BitDefenderTheta: Gen:NN.ZexaF.34084.lu0@aioFzAhG
Cyren: W32/Kryptik.FOQ.gen!Eldorado
Symantec: Packed.Generic.528
ESET-NOD32: a variant of Win32/Kryptik.HNDM
TrendMicro-HouseCall: Trojan.Win32.SMOKELOADER.YXBKAZ
Avast: Win32:MalwareX-gen [Trj]
Kaspersky: HEUR:Trojan.Win32.Agent.gen
BitDefender: Trojan.GenericKDZ.79480
Ad-Aware: Trojan.GenericKDZ.79480
Sophos: ML/PE-A + Troj/Krypt-BO
TrendMicro: Trojan.Win32.SMOKELOADER.YXBKAZ
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
Emsisoft: Trojan.Crypt (A)
GData: Win32.Trojan.PSE1.1EYRCG4
Jiangmin: Trojan.Agent.dqoq
Avira: HEUR/AGEN.1145786
Arcabit: Trojan.Generic.D13678
Microsoft: Ransom:Win32/StopCrypt.MAQK!MTB
AhnLab-V3: Downloader/Win.BeamWinHTTP.R448093
Acronis: suspicious
McAfee: Packed-GDT!82199669E75A
MAX: malware (ai score=88)
VBA32: Malware-Cryptor.2LA.gen
Malwarebytes: Trojan.MalPack.GS
APEX: Malicious
Rising: Trojan.Kryptik!1.DAA2 (CLASSIC)
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_96%
Fortinet: W32/Kryptik.HNDM!tr
AVG: Win32:MalwareX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Trojan.GenericPMF.S24432116?

Trojan.GenericPMF.S24432116 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
