Trojan.Mint.Jamg.A removal tips

Trojan.Mint.Jamg.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Mint.Jamg.A virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Deletes its original binary from disk
  • Behavioural detection: Injection (inter-process)
  • Installs itself for autorun at Windows startup
  • Overwrites an accessibility feature binary for Windows login bypass, persistence or privilege escalation
  • Creates a copy of itself

How to identify Trojan.Mint.Jamg.A?


File Info:

name: D143429A7BD5A78F9992.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-05-29 12:41:29

Version Info:

0: [No Data]

Trojan.Mint.Jamg.A also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.lIDA
Elastic: malicious (high confidence)
FireEye: Generic.mg.d143429a7bd5a78f
McAfee: Ransom-FCDH!D143429A7BD5
Cylance: Unsafe
Zillya: Backdoor.Androm.Win32.1718
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0056401c1 )
Alibaba: Ransom:Win32/Tobfy.480fb0ec
K7GW: Trojan ( 0056401c1 )
Cybereason: malicious.a7bd5a
BitDefenderTheta: Gen:NN.ZexaF.34212.dOW@aOwLtUec
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.BCMK
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Mint.Jamg.A
NANO-Antivirus: Trojan.Win32.Androm.cxzhcz
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
MicroWorld-eScan: Trojan.Mint.Jamg.A
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Generic.Wofj
Ad-Aware: Trojan.Mint.Jamg.A
Emsisoft: Trojan.Mint.Jamg.A (B)
Comodo: Malware@#1tvl5zrlhakd2
VIPRE: Trojan.Win32.Reveton.a (v)
McAfee-GW-Edition: Ransom-FCDH!D143429A7BD5
Sophos: Mal/Generic-S
APEX: Malicious
GData: Trojan.Mint.Jamg.A
Jiangmin: Backdoor/Androm.ln
Webroot: Trojan.Dropper.Gen
Avira: BDS/ZeroAccess.Gen7
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Backdoor]/Win32.Androm
Kingsoft: Win32.Hack.Androm.s.(kcloud)
Arcabit: Trojan.Mint.Jamg.A
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Ransom:Win32/Tobfy.S
SentinelOne: Static AI – Malicious PE
AhnLab-V3: Trojan/Win32.Zbot.R70307
Acronis: suspicious
VBA32: TScope.Malware-Cryptor.SB
ALYac: Trojan.Mint.Jamg.A
Malwarebytes: Malware.AI.3977051919
Rising: Ransom.Tobfy!8.339 (CLOUD)
Yandex: Trojan.GenAsa!8H9Z8tTvpJY
Ikarus: Trojan-Dropper.Win32.Injector
MaxSecure: Trojan.Malware.5811879.susgen
Fortinet: W32/Kryptik.AZIW!tr
AVG: Win32:Malware-gen
Panda: Trj/Hexas.HEU
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Mint.Jamg.A?

Trojan.Mint.Jamg.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
