About “Win32:GenMalicious-GX [Trj]” infection

Win32:GenMalicious-GX [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32:GenMalicious-GX [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Authenticode signature is invalid
  • Checks for the presence of known devices from debuggers and forensic tools
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering
  • Anomalous binary characteristics

How to identify Win32:GenMalicious-GX [Trj]?

File Info:

name: 595C2446952C0B15EF45.mlw
path: /opt/CAPEv2/storage/binaries/87c7d99ae9a23341e6e91da864c375146dfdcb5dd9fe88e252a1187a8afa3bea
crc32: F332F5EC
md5: 595c2446952c0b15ef4578b1efb58feb
sha1: 09fe6482a202b5b13aae722dd30f98c57326f859
sha256: 87c7d99ae9a23341e6e91da864c375146dfdcb5dd9fe88e252a1187a8afa3bea
sha512: e832a65f65f0858e72ac350e7bff0daed26afeb25547e419c4e44de1597644e06ed40348adf944be17e3a355824d1bd853e42f034f609e4e17e5fecd9324a089
ssdeep: 6144:z9hwh+wuoaioUAPK05Xl8KjWehwh+wuon9:zr07oUW6KjP0p9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C30589A12259D056D0A7E476742EE63528506CBABBBADB0E33C77F5B70B13D2040B35B
sha3_384: 0983bcfa8bce67c1ca824b54d56d369fb4182f15448c276bb726df3b390b24dee39532e4e2302ff03eedad6672088fd3
ep_bytes: 68bc9f4400e8f0ffffff000000000000
timestamp: 2010-12-08 19:44:38

Version Info:

Translation: 0x0409 0x04b0
ProductName: Update
FileVersion: 1.00
ProductVersion: 1.00
InternalName: video
OriginalFilename: video.exe

Win32:GenMalicious-GX [Trj] also known as:

tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Bulz.51656
ClamAV: Win.Trojan.VB-1406
FireEye: Generic.mg.595c2446952c0b15
ALYac: Gen:Variant.Bulz.51656
Cylance: Unsafe
Zillya: Trojan.VB.Win32.54889
Sangfor: [MICROSOFT VISUAL BASIC V6.0]
K7AntiVirus: P2PWorm ( 0055e3ea1 )
K7GW: P2PWorm ( 0055e3ea1 )
Cybereason: malicious.6952c0
VirIT: Backdoor.Win32.VB.LHU
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/VB.PQJ
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: Backdoor.Win32.VB.njm
BitDefender: Gen:Variant.Bulz.51656
NANO-Antivirus: Trojan.Win32.VB.ctxdak
Avast: Win32:GenMalicious-GX [Trj]
Tencent: Win32.Backdoor.Vb.bhvw
Ad-Aware: Gen:Variant.Bulz.51656
Sophos: Troj/Bdoor-BAZ
Comodo: Suspicious@#1w61yhgsayo92
DrWeb: Trojan.DownLoader5.40176
VIPRE: Gen:Variant.Bulz.51656
TrendMicro: TROJ_SISRON.SM
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.bm
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Bulz.51656 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Bulz.51656
Jiangmin: Backdoor/VB.mvd
Avira: TR/Dropper.Gen
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Generic.ASMalwS.12A
Kingsoft: Win32.Hack.VB.n.(kcloud)
Arcabit: Trojan.Bulz.DC9C8
ViRobot: Backdoor.Win32.A.VB.512000
Microsoft: Worm:Win32/Skeeyah.A!rfn
Google: Detected
McAfee: GenericRXTL-UE!595C2446952C
Malwarebytes: Malware.AI.3598715032
TrendMicro-HouseCall: TROJ_SISRON.SM
Rising: Trojan.Autorun!1.DA78 (CLASSIC)
Yandex: Trojan.GenAsa!gu1xkTZLCFQ
Ikarus: Trojan.Win32.VB
Fortinet: W32/VB.PQJ!tr
BitDefenderTheta: Gen:NN.ZevbaF.34592.Xm1@aqSfLJji
AVG: Win32:GenMalicious-GX [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32:GenMalicious-GX [Trj]?

Win32:GenMalicious-GX [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.