What is “Trojan.MultiRI.S19956481”?

Trojan.MultiRI.S19956481 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.MultiRI.S19956481 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

Related domains:

edgedl.me.gvt1.com

How to identify Trojan.MultiRI.S19956481?

File Info:

crc32: 6A5D6A52
md5: a383206c55f08f6d4b675e8dd6614cc5
name: A383206C55F08F6D4B675E8DD6614CC5.mlw
sha1: 6d245c8b2640fae218582262dc1c2e68279a836e
sha256: 135dbd8d59b2d623daa88612c35ba9c1bf7290428300febefe91ece233e82090
sha512: 7697b6631d6e6e9dc0c4f6071160785ffb861a10c6ecdfc95a72b53dce0fb6fdf1afce9bf00e2dc0aa7d36f621788b6e9d1263680de8f26dcab8c3eb635d1580
ssdeep: 3072:aA6cVUieJXfe5aL7FBMOJr7uC3IDaAunyw654/Q2uZAlDO:a3J256FBMO93IuAiywi4Y2Z
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Freeware
InternalName: ANSI32
FileVersion: 1.66
CompanyName: Jason Hood
Comments: http://ansicon.adoxa.vze.com/
ProductName: ANSICON
ProductVersion: 1.66
FileDescription: ANSI Console
OriginalFilename: ANSI32.dll
Translation: 0x0409 0x04b0

Trojan.MultiRI.S19956481 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.Dridex.775
ClamAV: Win.Malware.Ffqf-9852717-0
CAT-QuickHeal: Trojan.MultiRI.S19956481
ALYac: Trojan.GenericKDZ.74170
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.3055410
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: Trojan:Win32/Dridex.67644b6b
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Cyren: W32/Dridex.CV.gen!Eldorado
Symantec: Packed.Generic.517
ESET-NOD32: a variant of Win32/Kryptik.HKLA
APEX: Malicious
Avast: Win32:BankerX-gen [Trj]
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Yakes.pef
BitDefender: Trojan.GenericKDZ.74170
NANO-Antivirus: Trojan.Win32.Yakes.iudgtf
MicroWorld-eScan: Trojan.GenericKDZ.74170
Ad-Aware: Trojan.GenericKDZ.74170
Sophos: Mal/Generic-R + Mal/EncPk-APX
BitDefenderTheta: Gen:NN.ZedlaF.34686.ju8@aKElSroi
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Drixed-FJX!A383206C55F0
FireEye: Generic.mg.a383206c55f08f6d
Emsisoft: Trojan.GenericKDZ.74170 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Multi.sw
Avira: TR/Crypt.Agent.psqhi
eGambit: Unsafe.AI_Score_98%
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Dridex.PAC!MTB
Gridinsoft: Trojan.Win32.Banker.oa!s1
ZoneAlarm: HEUR:Trojan.Win32.Yakes.pef
GData: Trojan.GenericKDZ.74170
AhnLab-V3: Trojan/Win.Dridex.C4433034
McAfee: Drixed-FJX!A383206C55F0
MAX: malware (ai score=89)
Malwarebytes: Trojan.Dridex
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0CDU21
Rising: Trojan.Kryptik!1.D52E (CLOUD)
Yandex: Trojan.Kryptik!7L9ptSuyzIo
Ikarus: Trojan-Banker.Dridex
MaxSecure: Adware.MultiPlug.OFDZ
Fortinet: W32/Dridex.AZ!tr
AVG: Win32:BankerX-gen [Trj]

How to remove Trojan.MultiRI.S19956481?

Trojan.MultiRI.S19956481 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.
