Win32/Packed.7zip.CZ suspicious removal

Win32/Packed.7zip.CZ suspicious is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Packed.7zip.CZ suspicious virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Detects the presence of Windows Defender AV emulator via files
  • Anomalous binary characteristics

How to determine Win32/Packed.7zip.CZ suspicious?


File Info:

name: 0D3738C321273E04C53E.mlw
path: /opt/CAPEv2/storage/binaries/3440c775c0d4a5568f15f76acef4bd01ad0c2ab81ffa08f58937b011dca55cc7
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-04-01 11:00:15

Version Info:

CompanyName: Oleg N. Scherbakov
FileDescription: 7z Setup SFX (x86)
FileVersion: 1.7.0.3900
InternalName: 7ZSfxMod
LegalCopyright: Copyright © 2005-2016 Oleg N. Scherbakov
OriginalFilename: 7ZSfxMod_x86.exe
PrivateBuild: April 1, 2016
ProductName: 7-Zip SFX
ProductVersion: 1.7.0.3900
Translation: 0x0000 0x04b0

Win32/Packed.7zip.CZ suspicious also known as:

Bkav: W32.Common.B7E54048
Lionic: Trojan.Win32.Generic.4!c
Cylance: unsafe
Zillya: Trojan.Stealer.Win32.22575
Sangfor: Trojan.Win32.Packed.V3q5
K7AntiVirus: Trojan ( 0058f1e01 )
Alibaba: Packed:Win32/Malit.84a598d1
K7GW: Trojan ( 0058f1e01 )
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.7zip.CZ suspicious
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.117ec195
F-Secure: Trojan-Dropper:W32/SuspiciousSFXDropper.A
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Malit-C
Jiangmin: Trojan.PSW.Stealer.arz
Webroot: Pua.Opencandy
Antiy-AVL: Trojan[PSW]/Win32.Stealer
AhnLab-V3: Malware/Win.Generic.C4986740
McAfee: Artemis!0D3738C32127
Malwarebytes: Generic.Trojan.Malpack.DDS
Fortinet: Riskware/Application
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Win32/Packed.7zip.CZ suspicious?

Win32/Packed.7zip.CZ suspicious removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
