Win32/TrojanDownloader.FlyStudio.ED (file analysis)

Win32/TrojanDownloader.FlyStudio.ED is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDownloader.FlyStudio.ED virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Win32/TrojanDownloader.FlyStudio.ED?

File Info:

name: 5EA91B3790B5E6E52EB1.mlw
path: /opt/CAPEv2/storage/binaries/d3118d56b9977d9214ab781a87b84ead39ff766dc73465a3b9dbfcb93cf92d4f
crc32: C2D7E957
md5: 5ea91b3790b5e6e52eb199a13d945808
sha1: 86385621599af71ad9418d334a28c0f3cb205bb8
sha256: d3118d56b9977d9214ab781a87b84ead39ff766dc73465a3b9dbfcb93cf92d4f
sha512: 2e764df91bdc9bb2331e8fb02a6a3e854189dbddfd49bb746da016683410843187685d46461e73bf6925fd1b6892bd78cd0ec1a2b2f961be3f1921f61495ba18
ssdeep: 12288:hwJ0QMXjt7Vsb3xLMLGSRGgVIUmRpI/F+ir:hwJdgjxVK3xgL1RGnUpF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T104252A65C16B745CDE26123B48A12F4014AB3E9ECAD5A43B3FC8B59240FB18B6277D37
sha3_384: e3a4d1a86a280a3324c33409d5aa802ce9ff769779638fb5d0ebf309c8eaf14f7f8aab48df18da9d1b9237cf9074eee3
ep_bytes: 60be00f04f008dbe0020f0ff57eb0b90
timestamp: 2023-11-30 07:54:25

Version Info:

FileVersion: 1.0.0.0
FileDescription: 1.0
ProductName: 1.0
ProductVersion: 1.0.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 1.0
Translation: 0x0804 0x04b0

Win32/TrojanDownloader.FlyStudio.ED also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Multi.Generic.lpZC
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKD.70634634
FireEye: Generic.mg.5ea91b3790b5e6e5
Skyhigh: BehavesLike.Win32.Generic.dc
McAfee: Artemis!5EA91B3790B5
Cylance: unsafe
Zillya: Downloader.FlyStudio.Win32.7031
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005246d51 )
Alibaba: TrojanDownloader:Win32/Malgent.3511ccc3
K7GW: Trojan-Downloader ( 005aae3c1 )
Cybereason: malicious.1599af
Arcabit: Trojan.Generic.D435CC8A
VirIT: Trojan.Win32.Genus.UJR
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.FlyStudio.ED
Cynet: Malicious (score: 100)
APEX: Malicious
BitDefender: Trojan.GenericKD.70634634
Avast: Win32:Malware-gen
Emsisoft: Application.Generic (A)
F-Secure: Trojan.TR/Redcap.eauob
VIPRE: Trojan.GenericKD.70634634
TrendMicro: TROJ_GEN.R03FC0DL623
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.QQWare
Webroot: W32.Trojan.GenKD
Varist: W32/OnlineGames.HI.gen!Eldorado
Avira: TR/Redcap.eauob
Antiy-AVL: Trojan[Packed]/Win32.FlyStudio
Kingsoft: Win32.Troj.Generic.v
Xcitium: Malware@#2m6sloiera4iy
Microsoft: Trojan:Win32/Malgent!MSR
GData: Win32.Trojan.PSE.19HHMJH
Google: Detected
VBA32: BScope.Trojan.Emotet
ALYac: Trojan.GenericKD.70634634
MAX: malware (ai score=84)
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R03FC0DL623
Rising: Downloader.FlyStudio!8.5E9 (CLOUD)
Yandex: Trojan.GenAsa!ZU78ump4sm8
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/CoinMiner.PHP!tr
BitDefenderTheta: Gen:NN.ZexaF.36744.8mKfaCjEGcab
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/TrojanDownloader.FlyStudio.ED?

Win32/TrojanDownloader.FlyStudio.ED removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.