Win32:GenMaliciousA-IHC [Trj] malicious file

Many security experts consider Win32:GenMaliciousA-IHC [Trj] dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:GenMaliciousA-IHC [Trj] virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Network activity detected but not expressed in API logs

How to identify Win32:GenMaliciousA-IHC [Trj]?


File Info:

name: C217B8DC09E6215AC1B2.mlw
path: /opt/CAPEv2/storage/binaries/22f1305a14668fedb3963ae8b7d03e8153c373908678a3caf69d2132ef215128
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-06-17 09:41:35

Version Info:

Translation: 0x0000 0x04b0
Comments: system.dll
CompanyName: system.dll
FileDescription: system.dll
FileVersion: 0.0.0.0
InternalName: WindowsApplication2.exe
LegalCopyright: system.dll
LegalTrademarks: system.dll
OriginalFilename: WindowsApplication2.exe
ProductName: system.dll
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Win32:GenMaliciousA-IHC [Trj] also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader22.5085
MicroWorld-eScan: Gen:MSIL.Heur2.Lagos.2
McAfee: BackDoor-NJRat.a
Malwarebytes: Malware.AI.878215621
K7AntiVirus: Trojan ( 004d46641 )
BitDefender: Gen:MSIL.Heur2.Lagos.2
K7GW: Trojan ( 004d46641 )
Cybereason: malicious.c09e62
BitDefenderTheta: Gen:NN.ZemsilF.34294.hm0@a4kQJIc
ESET-NOD32: a variant of MSIL/Kryptik.DRV
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
Alibaba: Backdoor:MSIL/Bladabindi.0b903453
NANO-Antivirus: Trojan.Win32.Kryptik.fekxkz
Avast: Win32:GenMaliciousA-IHC [Trj]
Tencent: Win32.Trojan.Generic.Sunf
Ad-Aware: Gen:MSIL.Heur2.Lagos.2
Emsisoft: Gen:MSIL.Heur2.Lagos.2 (B)
Comodo: Backdoor.MSIL.Bladabindi.ABC@6b1idd
F-Secure: Trojan.TR/Inject.sbbeijz
TrendMicro: TROJ_GEN.R002C0DKN21
McAfee-GW-Edition: BackDoor-NJRat.a
FireEye: Generic.mg.c217b8dc09e6215a
Sophos: Mal/Generic-R + Mal/Mdrop-LE
GData: Gen:MSIL.Heur2.Lagos.2
Jiangmin: Trojan.Generic.cgxqh
Avira: TR/Inject.sbbeijz
MAX: malware (ai score=98)
Antiy-AVL: Trojan/Win32.AGeneric
Gridinsoft: Ransom.Win32.Bladabindi.sa
Arcabit: Gen:MSIL.Heur2.Lagos.2
Microsoft: Backdoor:MSIL/Bladabindi.AJ
Cynet: Malicious (score: 99)
AhnLab-V3: Win-Trojan/MSILKrypt09.Exp
ALYac: Gen:MSIL.Heur2.Lagos.2
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0DKN21
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_83%
Fortinet: W32/Generic.NJRAT!tr
AVG: Win32:GenMaliciousA-IHC [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Win32:GenMaliciousA-IHC [Trj]?

Win32:GenMaliciousA-IHC [Trj] removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
