Trojan.IGENERICPMF.S3577729 (file analysis)

The Trojan.IGENERICPMF.S3577729 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.IGENERICPMF.S3577729 virus can do?

Executable code extraction
Presents an Authenticode digital signature
Creates RWX memory
The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine Trojan.IGENERICPMF.S3577729?


File Info:
crc32: C4D7F978
md5: 2b60fc52c0a3739148662c6a84f0e329
name: 2B60FC52C0A3739148662C6A84F0E329.mlw
sha1: bae899cce9cf7f3b344589fb0d14b10248685e14
sha256: 1e0eba71d0e3ca546c9e02d6d0b443b5fd14f5a38e091a6ccc26d82a21bfb094
sha512: 6bceed5cb1eeb97b02e3e0d8120f807c9cddec9ffaf677e018f3cdba3fe4e0be3765fa64e723280037ed9f38c128d2430e296ac9789bb8dcf77866e3b63ab317
ssdeep: 12288:R/IMvxpkofTvVXrRQFGf1G4b1hk5vyWeGYX1+HYAKua31hRlf6FOrpyjBIJLVanw:GMvxpVTNXrRgkY4hiyWs4YAu7Gz8W0Ce
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
InternalName: Installer/Uninstaller
FileVersion: 28,0,0,161
CompanyName: Systems Incorporated
ProductName: Installer/Uninstaller
ProductVersion: 28,0,0,161
FileDescription: Installer/Uninstaller
OriginalFilename: FlashUtil.exe
Translation: 0x0409 0x04b0

Trojan.IGENERICPMF.S3577729 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0053c4e01 )
Elastic	malicious (high confidence)
DrWeb	Trojan.InstallCube.3714
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.IGENERICPMF.S3577729
ALYac	Gen:Variant.Zusy.363659
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.1483377
Sangfor	Suspicious.Win32.Save.a
Alibaba	Trojan:Win32/Katusha.5835341c
K7GW	Trojan ( 0053c4e01 )
Cybereason	malicious.2c0a37
Cyren	W32/ICLoader.BL.gen!Eldorado
Symantec	PUA.ICLoader
ESET-NOD32	a variant of Win32/Kryptik.GKTL
APEX	Malicious
Avast	Win32:DangerousSig [Trj]
ClamAV	Win.Packed.Icloader-7057426-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Zusy.363659
NANO-Antivirus	Trojan.Win32.InstallCube.fhnitp
MicroWorld-eScan	Gen:Variant.Zusy.363659
Tencent	Malware.Win32.Gencirc.10cc6064
Ad-Aware	Gen:Variant.Zusy.363659
Sophos	Generic PUA LK (PUA)
Comodo	Application.Win32.ICLoader.GS@84429a
BitDefenderTheta	Gen:NN.ZexaF.34266.or1@a81qtmmi
McAfee-GW-Edition	GenericRXGM-DQ!2B60FC52C0A3
FireEye	Generic.mg.2b60fc52c0a37391
Emsisoft	Application.AdFile (A)
SentinelOne	Static AI – Malicious PE
Jiangmin	Packed.Katusha.dvlb
Avira	TR/ICLoader.Gen8
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Trojan/Generic.ASMalwS.2804D4A
Microsoft	PUADlManager:Win32/InstallCube
Arcabit	Trojan.Zusy.D58C8B
GData	Gen:Variant.Zusy.363659
AhnLab-V3	PUP/Win32.ICLoader.R237220
Acronis	suspicious
McAfee	GenericRXGM-DQ!2B60FC52C0A3
MAX	malware (ai score=100)
VBA32	BScope.Trojan.InstallCube
Malwarebytes	Adware.FileTour.BatBitRst
Panda	Trj/Genetic.gen
Rising	Trojan.Kryptik!1.AA23 (CLASSIC)
Yandex	Trojan.GenAsa!PPMCFhdOlIA
Ikarus	PUA.ICLoader
MaxSecure	Packed.Packed.WIN32.Katusha.gen_212003
Fortinet	W32/CoinMiner.GYQC!tr
AVG	Win32:DangerousSig [Trj]
Paloalto	generic.ml

How to remove Trojan.IGENERICPMF.S3577729?

Trojan.IGENERICPMF.S3577729 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X