Malware

Win32.Sivis.A4 removal instruction

Malware Removal

The Win32.Sivis.A4 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Win32.Sivis.A4 virus can do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Win32.Sivis.A4?


File Info:

name: D86523236A148405339F.mlw
path: /opt/CAPEv2/storage/binaries/6a4a3a801cfcd22e1aa177bfb55bb816170de8acee275ed10b57465623ea78ba
crc32: A33649E9
md5: d86523236a148405339f55fad7386087
sha1: b2a7c401bc68ee6165bbd24210c0ee2ed149d4ea
sha256: 6a4a3a801cfcd22e1aa177bfb55bb816170de8acee275ed10b57465623ea78ba
sha512: 19a9f33c7a22171927aa8057d98fae1407bf68dfd4b397c92bab255f10747bbbdd038cecf2fc7b611f2e346b2e0d7188195b604ebf5f6286a9ab64d703ee4e3b
ssdeep: 98304:ZY9YoOyLIlsX7KLUbYZfgs0QlxTZ86KIgFOm9eLQqQuSbeTPPrkt:K9YoOnfU64s1JGIDQurst
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A6D66A51B791C7B1D35D02709D76A272D3347CAE0B3182BB71B9AE1E9E33AC31E25216
sha3_384: 2a4ddb03aafb591db646cfaec68c40d32520b5e99500b212bdf2ab52318f41ae2a5db42a45cf8bb494a1f72b9ce73a11
ep_bytes: e80060000073ebebebeb73237dabebf3
timestamp: 2010-08-01 10:32:37

Version Info:

0: [No Data]

Win32.Sivis.A4 also known as:

BkavW32.OverlayND.PE
tehtrisGeneric.Malware
MicroWorld-eScanTrojan.Agent.EXMP
CAT-QuickHealWin32.Sivis.A4
ALYacTrojan.Agent.EXMP
CylanceUnsafe
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 00517a0d1 )
K7GWTrojan ( 00517a0d1 )
Cybereasonmalicious.36a148
CyrenW32/Zbot.GH.gen!Eldorado
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32Win32/Ausiv.A
APEXMalicious
ClamAVWin.Trojan.Agent-6943819-1
KasperskyPacked.Win32.Krap.jc
BitDefenderTrojan.Agent.EXMP
NANO-AntivirusTrojan.Win32.Krap.espnuv
AvastWin32:Agent-BCFZ [Trj]
TencentTrojan.Win32.Kryptik.fwwy
Ad-AwareTrojan.Agent.EXMP
EmsisoftTrojan.Agent.EXMP (B)
ComodoVirus.Win32.VirLock.GA@7lv9go
DrWebTrojan.KillFiles.62112
ZillyaTrojan.Krap.Win32.8947
TrendMicroVirus.Win32.SIVIS.B
McAfee-GW-EditionBehavesLike.Win32.Sytro.rh
FireEyeGeneric.mg.d86523236a148405
SophosML/PE-A
SentinelOneStatic AI – Malicious PE
GDataWin32.Virus.Ausiv.B
JiangminPacked.Krap.fyig
AviraTR/Crypt.XPACK.Gen
ArcabitTrojan.Agent.EXMP
ViRobotTrojan.Win32.Agent.Gen.C
ZoneAlarmPacked.Win32.Krap.jc
MicrosoftTrojan:Win32/Ausiv
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win32.Agent.R236179
McAfeePacked-SU!D86523236A14
MAXmalware (ai score=84)
VBA32Trojan.KillFiles
MalwarebytesSivis.Virus.FileInfector.DDS
TrendMicro-HouseCallVirus.Win32.SIVIS.B
RisingTrojan.Kryptik!8.8 (TFE:dGZlOgXBnJE79D+K8w)
YandexTrojan.GenAsa!8BX67dEhxck
IkarusPacker.Win32.Krap
MaxSecurePacked.Krap.JC
FortinetW32/Ausiv.A
BitDefenderThetaGen:NN.ZexaF.34666.@tZ@aysGNRoi
AVGWin32:Agent-BCFZ [Trj]
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Win32.Sivis.A4?

Win32.Sivis.A4 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment