Win32:GenMaliciousA-HRM [Trj] information

Win32:GenMaliciousA-HRM [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:GenMaliciousA-HRM [Trj] virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Sniffs keystrokes
  • Exhibits behavior characteristic of iSpy Keylogger
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Creates known SpyNet mutexes and/or registry changes.
  • Anomalous binary characteristics

How to identify Win32:GenMaliciousA-HRM [Trj]?


File Info:

crc32: 6002B430
md5: 0588e7fb061bd0cd2b45f74428401ec9
name: 0588E7FB061BD0CD2B45F74428401EC9.mlw
sha1: cef562ee802f1f6120a2faeb153719f99a550f5c
sha256: 2556d41d78fad3bdb0b689e12153fb9534038f1560a0881158cbba71f94bce14
sha512: a8622475fb34ad038b295d4c124803b54bfaca66ff62912696b420fccb86d1d725772b584e958aa46a97b1e34657999580d95fbf94367cd102a7bfc01202d0d3
ssdeep: 12288:hTJYJt5D9k7HaRPTeGuRPaHVD6rgcR//e81TY5Pha1fjPXYY:d69AYPld2h/5KW7N
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2009
Assembly Version: 1.0.0.0
InternalName: stub.exe
FileVersion: 1.0.0.0
ProductName: stub
ProductVersion: 1.0.0.0
FileDescription: stub
OriginalFilename: stub.exe

Win32:GenMaliciousA-HRM [Trj] also known as:

K7AntiVirus: Trojan ( 0052266d1 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.KillProc.46780
Cynet: Malicious (score: 100)
ALYac: Gen:Heur.MSIL.Krypt.!cdmip!.2
Cylance: Unsafe
Zillya: Dropper.Agent.Win32.256869
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Trojan:MSIL/GenMaliciousA.c13194b7
K7GW: Trojan ( 0052266d1 )
Cybereason: malicious.b061bd
Cyren: W32/Trojan.DPL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDropper.Agent.AQJ
APEX: Malicious
Avast: Win32:GenMaliciousA-HRM [Trj]
ClamAV: Win.Trojan.Agent-512714
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Heur.MSIL.Krypt.!cdmip!.2
NANO-Antivirus: Trojan.Win32.Llac.dcdjdn
MicroWorld-eScan: Gen:Heur.MSIL.Krypt.!cdmip!.2
Tencent: Malware.Win32.Gencirc.114c33d1
Ad-Aware: Gen:Heur.MSIL.Krypt.!cdmip!.2
Sophos: Mal/Generic-R + Mal/MSIL-BE
Comodo: Malware@#2ycabctzf3euu
BitDefenderTheta: Gen:NN.ZemsilF.34266.Mq3@auys5qg
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.jh
FireEye: Generic.mg.0588e7fb061bd0cd
Emsisoft: Gen:Heur.MSIL.Krypt.!cdmip!.2 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDropper.MSIL.erk
Webroot: W32.Trojan.Dropper.Gen
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.10D0E
Microsoft: Worm:Win32/Rebhip.A
Arcabit: Trojan.MSIL.Krypt.!cdmip!.2
GData: Gen:Heur.MSIL.Krypt.!cdmip!.2
AhnLab-V3: Dropper/Win32.Agent.C73819
McAfee: Generic MSIL.a
MAX: malware (ai score=100)
VBA32: TrojanDropper.MSIL.Agent
Panda: Generic Malware
Yandex: Trojan.DR.Dunik!K7cYzT2FBZ4
Ikarus: Trojan-Ransom.HiddenTear
MaxSecure: Trojan.Malware.1136590.susgen
Fortinet: MSIL/Agent.ML!tr
AVG: Win32:GenMaliciousA-HRM [Trj]
Paloalto: generic.ml

How to remove Win32:GenMaliciousA-HRM [Trj]?

Win32:GenMaliciousA-HRM [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
