Win32:GenMalicious-IER [Trj] malicious file

The Win32:GenMalicious-IER [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32:GenMalicious-IER [Trj] virus do?

  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Win32:GenMalicious-IER [Trj]?

File Info:

name: BC5AFAB15E5AFADC718C0F378A9FF7A0.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Корпорация Майкрософт. Все права защищены.
InternalName: Notepad
FileVersion: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
CompanyName: Корпорация Майкрософт
ProductName: Операционная система Microsoft® Windows®
ProductVersion: 5.1.2600.2180
FileDescription: Блокнот
OriginalFilename: NOTEPAD.EXE
Translation: 0x0419 0x04b0

Win32:GenMalicious-IER [Trj] is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
K7AntiVirus: EmailWorm ( 0025a5241 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (D)
Alibaba: Trojan:Win32/Fesber.91291ae5
K7GW: EmailWorm ( 0025a5241 )
Cybereason: malicious.9221cf
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:GenMalicious-IER [Trj]
ClamAV: Win.Malware.Kolabc-6736261-0
Kaspersky: UDS:DangerousObject.Multi.Generic
Tencent: Virus.Win32.Kolabc.aad
Sophos: Mal/Fesber-A
Comodo: Malware@#2cjsh8gh9rak0
BitDefenderTheta: Gen:NN.ZexaF.34170.0m3@aOc5Isnc
VIPRE: Trojan.Win32.Kolabc.gu (v)
McAfee-GW-Edition: BehavesLike.Win32.Dropper.cm
FireEye: Generic.mg.bc5afab15e5afadc
SentinelOne: Static AI – Malicious PE
Avira: TR/Trash.Gen2
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Win32.Trojan-Dropper.Rbot.A
AhnLab-V3: Win-Trojan/Facelabc.Gen
McAfee: Generic-FANE!BC5AFAB15E5A
MAX: malware (ai score=99)
Malwarebytes: Generic.Trojan.Malicious.DDS
Ikarus: Virus.Win32.Agent
Fortinet: W32/Kolabc.GU!worm.im
AVG: Win32:GenMalicious-IER [Trj]

How to remove Win32:GenMalicious-IER [Trj]?

Win32:GenMalicious-IER [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.