About “Trojan.SabsikIH.S24673460” infection

Trojan.SabsikIH.S24673460 is the CAT-QuickHeal detection name for a sample that nearly every antivirus engine listed below flags as malicious, most of them as a generic, packed (Kryptik) information stealer. When the infection is active you may notice unfamiliar processes in the Task Manager process list. In that case, scanning the computer with GridinSoft Anti-Malware is advised.

GridinSoft Anti-Malware

Removing malware manually can take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for removal. The trial version allows a full scan and clean-up of your PC.
6-day free trial available.

What can Trojan.SabsikIH.S24673460 do?

The entries below are the signatures the CAPE sandbox raised for the analysed sample (file details follow in the next section):

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics

The decisive entry is the family match. RedLine is a commodity information stealer that harvests browser-saved credentials, cookies, autofill data and cryptocurrency-wallet files and sends them to its operator, which is why many of the vendor names further down read "Stealer" or "PWSX" (password stealer). Its payload is a .NET assembly (Microsoft labels it Trojan:MSIL/Reline), whereas the file on disk is a native PE32 with an invalid signature, randomised version strings, unpacking behaviour and RWX memory allocation; that combination is consistent with a crypter stub that decrypts and loads the stealer in memory, so the on-disk hashes identify only this particular packed build.

How to identify Trojan.SabsikIH.S24673460?

File Info:

name: AF48E546328F30AFF409.mlw
path: /opt/CAPEv2/storage/binaries/f7a3ddb3d6403eafaff4ced2f2b0281cc7089ae2adf7510d89d22b9940fcb91e
crc32: 1BF3A903
md5: af48e546328f30aff4093ebbbf8ca808
sha1: 2255b71ddffc4ba98992bb3f66f06045ebc1dd31
sha256: f7a3ddb3d6403eafaff4ced2f2b0281cc7089ae2adf7510d89d22b9940fcb91e
sha512: 92e1a018ec573e3317ac24d9aa2327b53d2a09b73880c3417685ced597d6faea30d15fd4374dc0b143905d4c54a53fe98ffea21708bc7ebac67e9c72c809d314
ssdeep: 12288:z4iiSQAvs+xbPOUsCtBLnxXmr2CV5mOQLjiVQ3VO8DH8MSMGik9PXPH4sxAjJ/k:zyAk+JWUsC3x2+LL9GiqPfH4iAO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11405F885A9B3618DF3A3B2790B09158109460C77DB1399FE6FBDB95A31F26D18A87303
sha3_384: 196fe4f15473595bcfdad427c18e8dea0545e9d87850ebbdeba51a908c1d93c90830f4d5e56aa5fb97aa35a48607c513
ep_bytes: 83ec1cc7042402000000ff15a8015b00 (decodes to sub esp,0x1c; mov dword [esp],2; call dword [0x5b01a8], i.e. a CRT-style startup stub calling one imported function with the argument 2)
timestamp: 2021-10-18 08:04:14 (PE header compile timestamp; trivially forgeable, so treat it as weak evidence)

Version Info:

ProductName: nqaTMmjrzU
ProductVersion: 0.0.7.8
FileDescription: nqaTMmjrzUztO7NTLWHVYyYYu62BpFVnzYLGGCTCOBmbt0Sb0TE
CompanyName: nqaTMmj
LegalCopyright: All Rights Reserved
Comments: nqaTMmjrzUztO7NTLWHVYyYYu62BpFVn
Translation: 0x0409 0x0514

ProductName, CompanyName, FileDescription and Comments are random alphanumeric strings rather than a real vendor name, and the Authenticode signature is invalid (see above). Both are typical of crypter-generated stubs and line up with the Kryptik, Krypt and MalPack labels in the vendor list below.
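To turn the File Info above into something you can actually check a suspect file against, here is an added triage script (example code written for this page, not part of the original article or of GridinSoft's tooling). It hashes a file with the same algorithms the page lists (crc32, md5, sha1, sha256, sha512, sha3_384) and compares them with the page's IOCs, then parses just enough of the PE header to read the compile timestamp and the first 16 entry-point bytes, so a repacked build whose hashes no longer match can still be spotted by its entry stub. ssdeep and tlsh need third-party libraries and are skipped. The demo binary built by build_demo_pe is a constructed minimal PE32, not the real sample, and the IOC values are copied verbatim from the page; any other names are the example's own.

```python
"""Offline triage against the indicators listed in the File Info section.

Added example, not the page's or GridinSoft's code. Run with a file path to
check a real file, or with no argument to run on a constructed demo PE.
"""
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Indicators copied verbatim from the File Info section of the page.
IOC_HASHES = {
    "crc32": "1BF3A903",
    "md5": "af48e546328f30aff4093ebbbf8ca808",
    "sha1": "2255b71ddffc4ba98992bb3f66f06045ebc1dd31",
    "sha256": "f7a3ddb3d6403eafaff4ced2f2b0281cc7089ae2adf7510d89d22b9940fcb91e",
    "sha512": "92e1a018ec573e3317ac24d9aa2327b53d2a09b73880c3417685ced597d6faea"
              "30d15fd4374dc0b143905d4c54a53fe98ffea21708bc7ebac67e9c72c809d314",
    "sha3_384": "196fe4f15473595bcfdad427c18e8dea0545e9d87850ebbdeba51a908c1d93c9"
                "0830f4d5e56aa5fb97aa35a48607c513",
}
# Entry-point bytes from the page: sub esp,0x1c / mov dword [esp],2 / call dword [0x5b01a8]
IOC_EP_BYTES = bytes.fromhex("83ec1cc7042402000000ff15a8015b00")
IOC_TIMESTAMP = "2021-10-18 08:04:14"


def hash_all(data: bytes) -> dict:
    """Hash a buffer with every algorithm the page lists (crc32 upper-case, as on the page)."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def pe_summary(data: bytes):
    """Return compile time and the 16 entry-point bytes of a PE, or None if not a PE.

    The entry-point RVA is mapped to a file offset by walking the section table,
    so the bytes are read from the right raw position rather than from RVA.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    coff = e_lfanew + 4
    machine, nsections, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]        # 0x10B = PE32, 0x20B = PE32+
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint
    sections = opt + opt_size
    ep_bytes = b""
    for i in range(nsections):
        hdr = sections + 40 * i
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, hdr + 8)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (ep_rva - vaddr)
            ep_bytes = data[off:off + 16]
            break
    return {
        "pe32": magic == 0x10B and machine == 0x14C,
        "timestamp": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep_bytes.hex(),
    }


def triage(data: bytes) -> dict:
    """Exact-hash matching first, then the weaker structural indicators."""
    hashes = hash_all(data)
    pe = pe_summary(data)
    return {
        "hash_matches": sorted(k for k, v in hashes.items() if v == IOC_HASHES[k]),
        "ep_match": bool(pe) and pe["ep_bytes"] == IOC_EP_BYTES.hex(),
        "timestamp_match": bool(pe) and pe["timestamp"] == IOC_TIMESTAMP,
        "pe": pe,
    }


def build_demo_pe(entry_stub: bytes, timestamp: int) -> bytes:
    """Constructed minimal PE32 with one .text section; NOT the real sample."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                     # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                     # AddressOfEntryPoint
    text = b".text".ljust(8, b"\0") + struct.pack("<IIII", 0x200, 0x1000, 0x200, 0x200) + bytes(16)
    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text).ljust(0x200, b"\0")
    return headers + entry_stub.ljust(0x200, b"\0")


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:  # no path given: run on the constructed demo binary
        blob = build_demo_pe(IOC_EP_BYTES, 1634544254)  # 2021-10-18 08:04:14 UTC
    print(triage(blob))
```

On the demo binary none of the hashes match (as they would not for any repacked build), but ep_match and timestamp_match are both true: that is the point of keeping the structural indicators next to the hashes, and also why a timestamp or entry stub on its own is never enough to call a file malicious.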

Trojan.SabsikIH.S24673460 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.47536760
FireEye: Generic.mg.af48e546328f30af
CAT-QuickHeal: Trojan.SabsikIH.S24673460
McAfee: Trojan-FUBS!AF48E546328F
Cylance: Unsafe
VIPRE: MultiPlug (v)
Sangfor: Trojan.Win32.Stealer.gen
K7AntiVirus: Trojan ( 0055037d1 )
Alibaba: TrojanSpy:Win32/Stealer.2c5f4653
K7GW: Trojan ( 0055037d1 )
Cybereason: malicious.ddffc4
Cyren: W32/Stealer.M.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNCG
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
BitDefender: Trojan.GenericKD.47536760
Avast: Win32:PWSX-gen [Trj]
Tencent: Win32.Trojan-spy.Stealer.Loro
Ad-Aware: Trojan.GenericKD.47536760
Sophos: Mal/Generic-S
Comodo: fls.noname@0
Zillya: Trojan.Kryptik.Win32.3608911
TrendMicro: TROJ_GEN.R06CC0WJN21
McAfee-GW-Edition: BehavesLike.Win32.Generic.bh
Emsisoft: Trojan.GenericKD.47536760 (B)
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.47536760
Jiangmin: TrojanSpy.Stealer.glb
Avira: HEUR/AGEN.1145859
Antiy-AVL: Trojan/Generic.ASMalwS.34CCAF9
Arcabit: Trojan.Generic.D2D55A78
Microsoft: Trojan:MSIL/Reline.BF!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R446133
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34084.XK0@a4xQbJii
ALYac: Trojan.GenericKD.47536760
MAX: malware (ai score=87)
VBA32: TrojanSpy.Stealer
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TROJ_GEN.R06CC0WJN21
Yandex: Trojan.Kryptik!CTdO5hZNcvk
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Fragtor.3162!tr
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.SabsikIH.S24673460?

Trojan.SabsikIH.S24673460 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options you want, then click “Reset”.
  • Restart your computer.

Removing the file is only half of the clean-up. Because the sample is classified as a RedLine stealer, assume that every password saved in a browser on that machine, every active browser session cookie and any cryptocurrency-wallet file have already been exfiltrated: change those passwords from a device you trust, sign out of all sessions for the affected accounts, and move funds out of any wallet whose files were on the machine.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.