Trojan:Win32/Alureon.EC (file analysis)

Trojan:Win32/Alureon.EC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Alureon.EC virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • The binary likely contains encrypted or compressed data.
  • Creates a copy of itself
  • Attempts to disable Windows Defender
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

Related domains:

apertvonhs.com

How to identify Trojan:Win32/Alureon.EC?


File Info:

crc32: BD8149CE
md5: 00c5fc6a62bb375fc080f260600d0b4a
name: 00C5FC6A62BB375FC080F260600D0B4A.mlw
sha1: fe0d2b6e46ee899a16dfd2239d2a905096892d7a
sha256: d6fbb5e28a5887570653da9ed5770ba935064de9072ba1ed9cd782251a3d6afd
sha512: d37d188b328502312253a37037dc6610f4cb61fdd7e892c02b25dcc30bc4ea70019a130808a615c661cbb9d97d90146a9b0a0c0ff830726870a8925423966aed
ssdeep: 768:DURdr/2GjYNfk8oXZf7CdmuGq8W9wPz1F1Ls9hVp7/bG3Qm:DURdzHkk8OZf7Cd78+9hVp7/K3x
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2010 EA Digital Illusions CE AB. All rights reserved.
InternalName: MoHUpdator.exe
FileVersion: 4.0.21.0
CompanyName: EA Digital Illusions CE AB
ProductName: Medal of Honor Updator
ProductVersion: 4.0.21.0
FileDescription: Medal of Honor Updator
OriginalFilename: MoHUpdator.exe
Translation: 0x0409 0x04e4

Trojan:Win32/Alureon.EC also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader2.33805
MicroWorld-eScan: Gen:Variant.TDss.58
FireEye: Generic.mg.00c5fc6a62bb375f
CAT-QuickHeal: Trojan.Generic
McAfee: DNSChanger.fm
Cylance: Unsafe
VIPRE: Trojan.Win32.Alureon.ecb (v)
AegisLab: Trojan.Win32.Generic.llL1
Sangfor: Malware
K7AntiVirus: Trojan ( 0040fa961 )
BitDefender: Gen:Variant.TDss.58
K7GW: RootKit ( 00206e7b1 )
Cybereason: malicious.a62bb3
BitDefenderTheta: AI:Packer.CDCF933420
Cyren: W32/Alureon.AV.gen!Eldorado
Symantec: Trojan.FakeAV!gen25
TotalDefense: Win32/FakeAV.AI!generic
APEX: Malicious
Avast: Win32:Olmarik-A [Trj]
ClamAV: Win.Trojan.Tdss-2609
Kaspersky: HEUR:Trojan.Win32.Generic
Alibaba: VirTool:Win32/Obfuscator.8a249132
NANO-Antivirus: Trojan.Win32.TDSS.dxsyl
ViRobot: Trojan.Win32.Z.Tdss.54272
Tencent: Win32.Trojan.Vundo.Eoj
Ad-Aware: Gen:Variant.TDss.58
Sophos: ML/PE-A + Mal/Mohupdtr-A
Comodo: TrojWare.Win32.Olmarik.AME@4hv6c3
F-Secure: Trojan.TR/TDSS.Gen2
Zillya: Backdoor.TDSS.Win32.8787
TrendMicro: TROJ_FAKEAV.SMRB
McAfee-GW-Edition: BehavesLike.Win32.Downloader.qc
Emsisoft: Gen:Variant.TDss.58 (B)
Ikarus: Packer.Win32.Tdss
Jiangmin: Backdoor/TDSS.arp
Webroot: W32.Trojan.Gen
Avira: TR/TDSS.Gen2
MAX: malware (ai score=83)
Antiy-AVL: Trojan/Win32.Unknown
Microsoft: Trojan:Win32/Alureon.EC
Arcabit: Trojan.TDss.58
SUPERAntiSpyware: Trojan.Agent/Gen-Olmarik
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.TDss.58
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Tdss.R3143
Acronis: suspicious
VBA32: TScope.Malware-Cryptor.SB
ALYac: Gen:Variant.TDss.58
Malwarebytes: Malware.AI.2660497437
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/Olmarik.ASG
TrendMicro-HouseCall: TROJ_FAKEAV.SMRB
Rising: Trojan.Alureon!1.669C (CLASSIC)
Yandex: Trojan.GenAsa!tlDPfEvQb/U
SentinelOne: Static AI – Malicious PE – Spyware
Fortinet: W32/TDSS.GK!tr
AVG: Win32:Olmarik-A [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: HEUR/Malware.QVM20.Gen

How to remove Trojan:Win32/Alureon.EC?

Trojan:Win32/Alureon.EC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.