Crack Trojan

What is “Trojan.Win32.MalCrack.a”?

Malware Removal

Trojan.Win32.MalCrack.a is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.MalCrack.a virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Installs a browser addon or extension
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Transacted Hollowing
  • Deletes executed files from disk

How to identify Trojan.Win32.MalCrack.a?


File Info:

name: AA69B8BF9E269CC70297.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-06-14 13:27:46

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription:
FileVersion: 143.215
LegalCopyright:
ProductName:
ProductVersion: 143.215
Translation: 0x0000 0x04b0

Trojan.Win32.MalCrack.a also known as:

Lionic: Trojan.Win32.MalCrack.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Addrop.A.32D36315
ClamAV: Win.Malware.Ejfb-9784212-0
FireEye: Generic.Addrop.A.32D36315
ALYac: Generic.Addrop.A.32D36315
Cylance: unsafe
Sangfor: Dropper.Win32.Addrop.Vw7h
K7AntiVirus: Trojan ( 0053aeb31 )
Alibaba: TrojanDropper:Win32/MalCrack.69dcd3c9
K7GW: Trojan ( 0053aeb31 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/Addrop.D.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Addrop.CH
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.MalCrack.a
BitDefender: Generic.Addrop.A.32D36315
Avast: NSIS:Adware-AEQ [Adw]
Tencent: Trojan.Win32.MalCrack.haw
Emsisoft: Generic.Addrop.A.32D36315 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen8
DrWeb: Adware.OxyPumper.18
VIPRE: Generic.Addrop.A.32D36315
TrendMicro: TROJ_GEN.R011C0PF623
McAfee-GW-Edition: BehavesLike.Win32.Dropper.bc
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Generic.Addrop.A.32D36315
Jiangmin: TrojanDropper.Agentino.a
Avira: TR/Crypt.XPACK.Gen8
ZoneAlarm: Trojan.Win32.MalCrack.a
Microsoft: Trojan:Script/Phonzy.A!ml
AhnLab-V3: Adware/Win.Addrop.C5428349
McAfee: Artemis!AA69B8BF9E26
Malwarebytes: Addrop.Trojan.Dropper.DDS
TrendMicro-HouseCall: TROJ_GEN.R002H0CF123
Rising: Downloader.TaskLoader/ARCHIVE!1.CDEA (CLASSIC)
Yandex: Trojan.DR.Addrop!iz/gJk9Rgf4
Ikarus: Trojan-Dropper.Addrop
Fortinet: W32/Addrop.CH!tr
AVG: NSIS:Adware-AEQ [Adw]
Cybereason: malicious.f9e269
DeepInstinct: MALICIOUS

How to remove Trojan.Win32.MalCrack.a?

Trojan.Win32.MalCrack.a removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
