What is “Trojan.Win32.Alien.myr”?

Trojan.Win32.Alien.myr is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Alien.myr virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • A HTTP/S link was seen in a script or command line
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Stores JavaScript or a script command in the registry, likely for fileless persistence
  • A script process created a new process
  • Suspicious JavaScript was executed by a script process
  • Attempts to modify proxy settings
  • Attempts to modify browser security settings
  • Appears to use command line obfuscation
  • Attempts to interact with an Alternate Data Stream (ADS)
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.Win32.Alien.myr?


File Info:

name: AC62165A04F4D77E6F59.mlw
path: /opt/CAPEv2/storage/binaries/69d8546b96b1d8679865ede463d2eb72eafc8d22a79056c5458580c08e98b061
crc32: 8F97603F
md5: ac62165a04f4d77e6f59f4c6b8fc4148
sha1: 49529d11abf6312266c5629f874c91778f510f7e
sha256: 69d8546b96b1d8679865ede463d2eb72eafc8d22a79056c5458580c08e98b061
sha512: 559f3be2b2b4eb26c6dfee2fe4108c7891a9e216e4260ee1f9307467acf285403afbc91128c4044db9cab83f1298ff73af9cad3179dee132898e2c559d81c803
ssdeep: 6144:C5VP9Ge3+hoAvdeJBbLncZjOcVTmvYBGlbRx0MJFUzHxE:C5393whFOBbncVTslbL0MCa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15C54CFD1FAD663FEE5933530C925F3A255FBF3200B1D86CB67A00A062C626D19B3D685
sha3_384: 48bf0a84dbce176aa4b057bcbe474ce643275631c75405d113b37668a861af66e53cfc29b932d83467a3d15543f52223
ep_bytes: 558bec6aff6880fa410068f0c4410064
timestamp: 2016-04-02 22:14:34

Version Info:

CompanyName: DriverPack
FileDescription: DriverPack
FileVersion: 1.0
InternalName: DriverPack
LegalCopyright: Copyright © Kuzyakov Artur
OriginalFilename: DriverPack.exe
PrivateBuild: 2016
ProductName: DriverPack
ProductVersion: 1.0
Translation: 0x0000 0x04b0

Trojan.Win32.Alien.myr also known as:

Lionic: Trojan.Win32.Alien.4!c
DrWeb: Program.Unwanted.1869
MicroWorld-eScan: Gen:Variant.Application.DriverPack.2
FireEye: Generic.mg.ac62165a04f4d77e
CAT-QuickHeal: Trojan.IGENERIC
McAfee: Artemis!AC62165A04F4
Cylance: Unsafe
Cybereason: malicious.a04f4d
Arcabit: Trojan.Application.DriverPack.2
Symantec: PUA.DriverPack
ESET-NOD32: Win32/DriverPack.B potentially unwanted
TrendMicro-HouseCall: PUA.Win32.DriverPack.USMANEACAN
ClamAV: Win.Virus.Sality-6818478-0
Kaspersky: Trojan.Win32.Alien.myr
BitDefender: Gen:Variant.Application.DriverPack.2
Avast: FileRepMalware [PUP]
Rising: Malware.Undefined!8.C (CLOUD)
Ad-Aware: Gen:Variant.Application.DriverPack.2
Emsisoft: Application.InstallDrive (A)
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: PUA.Win32.DriverPack.USMANEACAN
McAfee-GW-Edition: BehavesLike.Win32.Upatre.dc
Sophos: DriverPack (PUA)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/CoinMiner.ab.a
Webroot: W32.Adware.Driver.Pack
MAX: malware (ai score=99)
Antiy-AVL: RiskWare[Downloader]/Win32.DriverPack.tlm
Microsoft: PUABundler:Win32/DriverPack
ViRobot: Adware.Driverpack.285176
GData: Win32.Application.Agent.HHISE6
AhnLab-V3: PUP/Win32.DriverPack.R235632
VBA32: Trojan.Hesv
ALYac: Gen:Variant.Application.DriverPack.2
Malwarebytes: PUP.Optional.DriverPack
APEX: Malicious
Yandex: Trojan.DL.Alien!xlCZFS8qQek
MaxSecure: Trojan.bundler.driverpack.1
Fortinet: W32/Fareit.A
AVG: FileRepMalware [PUP]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Trojan.Win32.Alien.myr?

Trojan.Win32.Alien.myr removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
