Trojan.GenericPMF.S31032585 malicious file

Malware Removal

Trojan.GenericPMF.S31032585 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.GenericPMF.S31032585 virus do?

  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • CAPE detected the embedded win api malware family
  • Binary file triggered YARA rule
  • Attempts to modify proxy settings
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.GenericPMF.S31032585?

File Info:

name: 8AAABE8B0F36E908622E.mlw
path: /opt/CAPEv2/storage/binaries/a6c70481898e56b8bcfe929d91ccf3539a4527975ab7529a3e5a17d4c2cd2c3e
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-03-17 18:46:26

Version Info:

0: [No Data]

Trojan.GenericPMF.S31032585 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader9.48808
MicroWorld-eScan: Gen:Variant.Jaik.63945
FireEye: Generic.mg.8aaabe8b0f36e908
CAT-QuickHeal: Trojan.GenericPMF.S31032585
Skyhigh: BehavesLike.Win32.Infected.cz
ALYac: Gen:Variant.Jaik.63945
Cylance: unsafe
Zillya: Downloader.Waski.Win32.50916
Sangfor: Suspicious.Win32.Save.ins
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Upatre.fadfaf63
K7GW: Trojan ( 0052964f1 )
K7AntiVirus: Trojan ( 0052964f1 )
BitDefenderTheta: Gen:NN.ZexaF.36802.jmZ@aW34oLh
VirIT: Trojan.Win32.Upatre.AO
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Waski.B
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002C0DD124
ClamAV: Win.Malware.Upatre-9934559-0
Kaspersky: HEUR:Trojan.Win32.Tremp.gen
BitDefender: Gen:Variant.Jaik.63945
NANO-Antivirus: Trojan.Win32.Crypted.cvonkg
Avast: Win32:Trojan-gen
Tencent: Trojan.Win32.Generic.ta
Emsisoft: Gen:Variant.Jaik.63945 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
Baidu: Win32.Trojan-Downloader.Waski.l
VIPRE: Gen:Variant.Jaik.63945
TrendMicro: TROJ_GEN.R002C0DD124
Trapmine: malicious.high.ml.score
Sophos: Troj/Wonton-AH
Ikarus: Trojan-Downloader.Win32.Waski
Jiangmin: Trojan/Bublik.gxy
Webroot: W32.Trojan.Dropper
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Varist: W32/Upatre.NC.gen!Eldorado
Antiy-AVL: Trojan/Win32.Waski.a
Kingsoft: malware.kb.b.998
Microsoft: Trojan:Win32/Upatre.MG!MTB
Xcitium: TrojWare.Win32.Bublik.SKI@59ow1o
Arcabit: Trojan.Jaik.DF9C9
ViRobot: Trojan.Win32.Bublik.26112.A
ZoneAlarm: HEUR:Trojan.Win32.Tremp.gen
GData: Win32.Trojan-Downloader.Upatre.BJ
Cynet: Malicious (score: 100)
AhnLab-V3: Downloader/Win.Upatre.R536865
Acronis: suspicious
McAfee: Generic-FANY!8AAABE8B0F36
VBA32: Trojan.Downloader
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
Zoner: Trojan.Win32.21752
Rising: Trojan.Kryptik!1.DBE3 (CLASSIC)
Yandex: Trojan.GenAsa!kn7uOjKO7pI
MAX: malware (ai score=84)
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Kryptik.BXKM!tr
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
alibabacloud: Trojan.Win.UnkAgent

How to remove Trojan.GenericPMF.S31032585?

Trojan.GenericPMF.S31032585 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.