Trojan.MCazm.Gen.1 information

Trojan.MCazm.Gen.1 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.MCazm.Gen.1 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • Uses Windows utilities to enumerate running processes
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • The sample wrote data to the system hosts file
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.MCazm.Gen.1?

File Info:

name: BE88D2D5E00DFDDAB8B9.mlw
path: /opt/CAPEv2/storage/binaries/048e8dab716c8f8937946c3a07cb3c0c4ce31db74893e6a31c5fcadb082bed60
crc32: B7651C5B
md5: be88d2d5e00dfddab8b99b01e1e6c19a
sha1: 0a8b985b18f3f0b3cfa2c0c251bc356f8e3399c6
sha256: 048e8dab716c8f8937946c3a07cb3c0c4ce31db74893e6a31c5fcadb082bed60
sha512: 47d16ccfb756f00a7dfaaae66d23dfec834d1afbe27a10ff6d58a00804f689e16a996da40aabc4989256129e10cd43f53845772f0efa071ce5026b6941ce2770
ssdeep: 12288:rk5L2FqPuLuuc36xpJRaj30vv4LjSuyhBfOEBgQUYKt2EGvK:r2yQPx3uRaS4LhKfJBgzYBK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T102C401417780A8F5DAB5C672DF1EE36242B3F7A957411F87A2CA1E052ED31B1230B5CA
sha3_384: 563685272fdb082d0bd461628be882d4940b40cd4850896044d3604ab16f57d91c485fb6d0b34788cf4519b1128ddf55
ep_bytes: 558bec6aff68504c410068801f410064
timestamp: 2010-06-27 07:06:38

Version Info:

CompanyName: Oleg N. Scherbakov
FileDescription: 7z Setup SFX (x86)
FileVersion: 1.4.0.1795
InternalName: 7ZSfxMod
LegalCopyright: Copyright © 2005-2010 Oleg N. Scherbakov
OriginalFilename: 7ZSfxMod_x86.exe
PrivateBuild: June 27, 2010
ProductName: 7-Zip SFX
ProductVersion: 1.4.0.1795
Translation: 0x0000 0x04b0

Trojan.MCazm.Gen.1 also known as:

Lionic: Trojan.Win32.Badur.m658
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.MCazm.Gen.1
FireEye: Trojan.MCazm.Gen.1
McAfee: Artemis!BE88D2D5E00D
Cylance: Unsafe
VIPRE: Trojan.MCazm.Gen.1
Sangfor: Trojan.Win32.Bicololo.8
Cybereason: malicious.5e00df
ESET-NOD32: Win32/Bicololo.GC
TrendMicro-HouseCall: TROJ_GEN.R067H0CHI22
Paloalto: generic.ml
ClamAV: Win.Trojan.Bicololo-8
BitDefender: Trojan.MCazm.Gen.1
Avast: Win32:GenMalicious-ARQ [Trj]
Tencent: Win32.Trojan.Mcazm.Pits
Ad-Aware: Trojan.MCazm.Gen.1
Comodo: Malware@#kupu7mb9f7ff
McAfee-GW-Edition: BehavesLike.Win32.Dropper.hc
Sophos: Mal/Generic-S
GData: Trojan.MCazm.Gen.1
Avira: TR/Downloader.suhh
Arcabit: Trojan.MCazm.Gen.1
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
ALYac: Trojan.MCazm.Gen.1
MAX: malware (ai score=81)
APEX: Malicious
Yandex: Trojan.Bicololo!vA2xiOen82w
AVG: Win32:GenMalicious-ARQ [Trj]

How to remove Trojan.MCazm.Gen.1?

Trojan.MCazm.Gen.1 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.