Should I remove “Trojan-PSW.Win32.Racealer.mrj”?

Many security experts consider Trojan-PSW.Win32.Racealer.mrj dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-PSW.Win32.Racealer.mrj virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the Raccoon malware family
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Trojan-PSW.Win32.Racealer.mrj?

File Info:

name: 168B226317EE3DE1D230.mlw
path: /opt/CAPEv2/storage/binaries/b8fd2a121e4225b2371831a0270d93490f6dcab5fa823692a3e0f7dd69d7099f
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-11-25 12:35:00

Version Info:

0: [No Data]

Trojan-PSW.Win32.Racealer.mrj also known as:

Bkav: W32.AIDetect.malware2
FireEye: Generic.mg.168b226317ee3de1
Cylance: Unsafe
Cybereason: malicious.66fc93
BitDefenderTheta: Gen:NN.ZexaF.34062.dHWaamciczdi
Kaspersky: Trojan-PSW.Win32.Racealer.mrj
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
SentinelOne: Static AI – Malicious PE
Avira: TR/AD.StellarStealer.nhrss
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.C4789517
VBA32: BScope.TrojanPSW.Racealer
APEX: Malicious
Rising: Malware.Heuristic!ET#97% (RDMK:cmRtazoUfVwACM92hQV5yGPt+M7z)

How to remove Trojan-PSW.Win32.Racealer.mrj?

Trojan-PSW.Win32.Racealer.mrj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
