Trojan.Win32.Khalesi.lqin (file analysis)

Malware Removal

Trojan.Win32.Khalesi.lqin is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Khalesi.lqin virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

Related domains:

wpad.local-net

How to identify Trojan.Win32.Khalesi.lqin?


File Info:

name: C2DA5B1BDAA11D6A4591.mlw
path: /opt/CAPEv2/storage/binaries/11bbd44fc2a0af8274c01f3aeddd7c21b51545bbb3d85ba7f8981549e9961d9f
crc32: 536275F7
md5: c2da5b1bdaa11d6a459192665205f7e9
sha1: 5e0a79ab3088a349a18e5cbe01a2dc2575e033f9
sha256: 11bbd44fc2a0af8274c01f3aeddd7c21b51545bbb3d85ba7f8981549e9961d9f
sha512: 5ba82afd2d5a11a1d117ad6a9c0d7ed0e8e50f99474347201a736299036e2609bb5d8c0608c9b840514ec4f84343a84e6f69c33ac8c5e3d20ad080824dc628b3
ssdeep: 49152:sKnMLyVhp9R3RQA00bAiymnPr8sa+0LofNSSJ0XDURR0p99RxyKQq0:BnmyVJVA3SFa+W+NSSJ0XDURR0p9Pxyn
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1BED55C419910F251D4A547BA0C0B8EFEBE373E0257224BC72E582BCF1D9668946FE71B
sha3_384: 9c4daa8392ae022eadd6588f66680d517a5d858bd6de1593e06e5460cfc9f54178ffc69f2cb28be76225946b759abe51
ep_bytes: 4883ec28e8330500004883c428e97afe
timestamp: 2021-11-23 18:23:32

Version Info:

0: [No Data]

Trojan.Win32.Khalesi.lqin also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.47478636
FireEye: Generic.mg.c2da5b1bdaa11d6a
McAfee: Artemis!C2DA5B1BDAA1
Zillya: Trojan.Khalesi.Win32.60808
ESET-NOD32: a variant of Win64/DllInject.C potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R067C0WKT21
Kaspersky: Trojan.Win32.Khalesi.lqin
BitDefender: Trojan.GenericKD.47478636
Avast: Win64:TrojanX-gen [Trj]
Ad-Aware: Trojan.GenericKD.47478636
Sophos: Generic PUA FO (PUA)
TrendMicro: TROJ_GEN.R067C0WKT21
McAfee-GW-Edition: BehavesLike.Win64.Dropper.vh
Emsisoft: Trojan.GenericKD.47478636 (B)
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.47478636
MAX: malware (ai score=81)
Gridinsoft: Ransom.Win64.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4796641
ALYac: Trojan.GenericKD.47478636
Ikarus: Trojan.Win64.Krypt
Fortinet: Malicious_Behavior.SB
AVG: Win64:TrojanX-gen [Trj]
Panda: Trj/CI.A

How to remove Trojan.Win32.Khalesi.lqin?

Trojan.Win32.Khalesi.lqin removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
