TrojanDownloader:Win32/Dalexis.C malicious file

TrojanDownloader:Win32/Dalexis.C is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Dalexis.C virus do?

  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Attempts to connect to a dead IP:Port (8 unique times)
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Suspicious downloader (Cabby)
  • Attempts to create or modify system certificates
  • Anomalous binary characteristics

Related domains:


How to identify TrojanDownloader:Win32/Dalexis.C?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

TrojanDownloader:Win32/Dalexis.C also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Dalexis.Gen.1
FireEye: Generic.mg.095ba02c6c0637bf
CAT-QuickHeal: TrojanDownloader.Dalexis.A3
McAfee: Ransom-CTB
Cylance: Unsafe
VIPRE: Trojan.Win32.Dalexis.e (v)
Sangfor: Malware
K7AntiVirus: Trojan ( 005037481 )
BitDefender: Trojan.Dalexis.Gen.1
K7GW: Trojan ( 005037481 )
CrowdStrike: win/malicious_confidence_100% (D)
TrendMicro: TROJ_DALEXIS.SMK
Baidu: Win32.Trojan.Elenoocka.a
Cyren: W32/Dalexis.V.gen!Eldorado
Symantec: Packed.Generic.493
APEX: Malicious
ClamAV: Win.Trojan.Generickdz-1180
Kaspersky: HEUR:Trojan.Win32.Generic
Rising: Trojan.Win32.CTB-locker.a (CLASSIC)
Ad-Aware: Trojan.Dalexis.Gen.1
Emsisoft: Trojan.Dalexis.Gen.1 (B)
Comodo: TrojWare.Win32.TrojanDownloader.Elenoocka.EDA@5ktwuk
F-Secure: Trojan.TR/Crypt.ZPACK.Gen4
Invincea: ML/PE-A + Troj/Agent-AIRO
McAfee-GW-Edition: BehavesLike.Win32.Generic.nh
Sophos: Troj/Agent-AIRO
Ikarus: Trojan-Downloader.CTBLocker
Avira: TR/Crypt.ZPACK.Gen4
MAX: malware (ai score=83)
Microsoft: TrojanDownloader:Win32/Dalexis.C
Arcabit: Trojan.Dalexis.Gen.1
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Dalexis.Gen.1
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/CTBLocker.Gen
Acronis: suspicious
VBA32: Trojan.FakeAV.01657
Malwarebytes: Trojan.Dropper.LK
ESET-NOD32: a variant of Win32/Kryptik.CWKQ
TrendMicro-HouseCall: TROJ_DALEXIS.SMK
Yandex: Trojan.GenAsa!xua4dsFY3Lc
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Kryptik.DBZV!tr
BitDefenderTheta: AI:Packer.940D666520
AVG: Win32:Crypt-RSC [Trj]
Panda: Trj/Genetic.gen
Qihoo-360: Worm.Win32.Elenoocka.BA

How to remove TrojanDownloader:Win32/Dalexis.C?

TrojanDownloader:Win32/Dalexis.C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
