Trojan.Mauvaise.S1194643 removal

Trojan.Mauvaise.S1194643 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Mauvaise.S1194643 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to determine Trojan.Mauvaise.S1194643?


File Info:

name: 55A9F4355F9C9FA5C67D.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2002-09-06 18:21:05

Version Info:

CompanyName:
FileDescription: mkeygen MFC Application
FileVersion: 1, 0, 0, 1
InternalName: mkeygen
LegalCopyright: Copyright (C) 2001
LegalTrademarks:
OriginalFilename: mkeygen.EXE
ProductName: mkeygen Application
ProductVersion: 1, 0, 0, 1
Translation: 0x0409 0x04b0

Trojan.Mauvaise.S1194643 also known as:

Bkav: W32.AIDetect.malware2
CAT-QuickHeal: Trojan.Mauvaise.S1194643
Cylance: Unsafe
Zillya: Trojan.Genome.Win32.43923
K7GW: Riskware ( 00584baa1 )
K7AntiVirus: Riskware ( 00584baa1 )
BitDefenderTheta: Gen:NN.ZexaF.34084.amKfaaji9Bok
TrendMicro-HouseCall: TROJ_GEN.R002H06IN21
Paloalto: generic.ml
NANO-Antivirus: Trojan.Win32.Agent.cudhc
McAfee-GW-Edition: GenericRXFL-MX!55A9F4355F9C
Sophos: Generic ML PUA (PUA)
Antiy-AVL: GrayWare/Win32.Generic
APEX: Malicious
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: GenericRXFL-MX!55A9F4355F9C
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Malware.Heuristic.1003
Yandex: Trojan.Agent!vznSguKElYs

How to remove Trojan.Mauvaise.S1194643?

Trojan.Mauvaise.S1194643 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
