About “Trojan.Heur.JP.nmHfaetGR3hi” infection

The Trojan.Heur.JP.nmHfaetGR3hi detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cleanup of your PC.
6-day free trial available.

What can the Trojan.Heur.JP.nmHfaetGR3hi virus do?

  • Sample contains overlay data
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • YARA rule detections observed from a process memory dump, dropped files or CAPE

How to identify Trojan.Heur.JP.nmHfaetGR3hi?

File Info:

name: A3560CBA3BEA146DC309.mlw
path: /opt/CAPEv2/storage/binaries/4f78afa0dc8a8277274c56026c21cb6d69ee534fede6346fa2982d73c235d599
crc32: 567945E2
md5: a3560cba3bea146dc30938b30194ab98
sha1: 6c888ac32bee56cde6864230fef589ce5691f72b
sha256: 4f78afa0dc8a8277274c56026c21cb6d69ee534fede6346fa2982d73c235d599
sha512: b9901fc2874aa5bcd667de86f68569dd2acd9ebd1c0b2478299f6313667f22c44733a1943df35c2e0cfd17461e888ce371b07ada29f58ff14660dc7d84a5a625
ssdeep: 3072:llpq65qfgQQlxykDexw7Eoi67caBu38Rhbmd7ttshDhJLIrYFYyUPV/v/s:llpSfsl0kqC7Eovo5sXba78uqiV3k
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1472402096E28F64DD80C07BA25FBC7B16A35FC7755B80E2B45B43DDB787B2126893029
sha3_384: 38e587a9711ceec8a5860c2a5f46337297bb374de42b2e2a784febd8d0ed94c5d400fe50abcb82a27dd20355061f8956
ep_bytes: 60be006044008dbe00b0fbff57eb0b90
timestamp: 2014-01-27 15:19:17

Version Info:

0: [No Data]

Trojan.Heur.JP.nmHfaetGR3hi also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Nmhfaetgr.4!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Trojan.Heur.JP.nmHfaetGR3hi
FireEye: Gen:Trojan.Heur.JP.nmHfaetGR3hi
McAfee: Artemis!A3560CBA3BEA
Cybereason: malicious.a3bea1
APEX: Malicious
BitDefender: Gen:Trojan.Heur.JP.nmHfaetGR3hi
Emsisoft: Gen:Trojan.Heur.JP.nmHfaetGR3hi (B)
VIPRE: Gen:Trojan.Heur.JP.nmHfaetGR3hi
McAfee-GW-Edition: Artemis
Trapmine: malicious.moderate.ml.score
GData: Gen:Trojan.Heur.JP.nmHfaetGR3hi
Arcabit: Trojan.Heur.JP.nmHfaetGR3hi
BitDefenderTheta: AI:Packer.36A804DB1F
ALYac: Gen:Trojan.Heur.JP.nmHfaetGR3hi
TrendMicro-HouseCall: TROJ_GEN.R002H09EN23
Rising: Trojan.Generic@AI.100 (RDML:q3QXphm+B0Enh3CzY150RA)
MaxSecure: Trojan.Malware.300983.susgen
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_100% (D)

How to remove Trojan.Heur.JP.nmHfaetGR3hi?

Trojan.Heur.JP.nmHfaetGR3hi removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.