Win64:MiscX-gen [PUP] (file analysis)

Win64:MiscX-gen [PUP] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win64:MiscX-gen [PUP] virus do?

    How to identify Win64:MiscX-gen [PUP]?

    File Info:

    crc32: 1D2E3438
    md5: 0da2506094ea61ba7ee5dde9ad5ca96b
    name: 0DA2506094EA61BA7EE5DDE9AD5CA96B.mlw
    sha1: 04d226166d5ad984d1a90bd0baefed4cb439d3d3
    sha256: fc7d45187fe076fc83f8622349aca2539124790cd53d5b10e3f60d9eead7cfb3
    sha512: 9b42002885e51927ac273018a5025321b7922615cb5df0e3613afd9887f0125fc5a966a04c206c3db7e0864f193c05f29f04ad8dfde465e5c1343f7aefbc112c
    ssdeep: 24576:4z/JrnRBe0rKTUMK28mZLtI9WdXJcK0zqTc/f7:4fR1q+WlJsGT
    type: PE32+ executable (console) x86-64, for MS Windows

    Version Info:

    LegalCopyright: Copyright (c) 2007 - 2020 gentilkiwi (Benjamin DELPY)
    InternalName: yahuohuo
    FileVersion: 2.2.0.0
    CompanyName: gentilkiwi (Benjamin DELPY)
    PrivateBuild: Build with love for POC only
    ProductName: yahuohuo
    SpecialBuild: :)
    ProductVersion: 2.2.0.0
    FileDescription: yahuohuo for Windows
    OriginalFilename: yahuohuo.exe
    Translation: 0x0409 0x04b0

    Win64:MiscX-gen [PUP] also known as:

    Elastic: malicious (high confidence)
    DrWeb: Tool.Mimikatz.1015
    Cynet: Malicious (score: 100)
    ALYac: Gen:Heur.Mimikatz.1
    CrowdStrike: win/malicious_confidence_80% (W)
    Alibaba: HackTool:Win32/Mimikatz.67b89ac0
    Cybereason: malicious.094ea6
    Symantec: Hacktool.Mimikatz
    ESET-NOD32: a variant of Win64/Riskware.Mimikatz.D
    APEX: Malicious
    Avast: Win64:MiscX-gen [PUP]
    ClamAV: Win.Trojan.Mimikatz-6466236-0
    Kaspersky: HEUR:Trojan-PSW.Win64.Mimikatz.gen
    BitDefender: Gen:Heur.Mimikatz.1
    MicroWorld-eScan: Gen:Heur.Mimikatz.1
    Tencent: Win64.Trojan-qqpass.Qqrob.Iso
    Ad-Aware: Gen:Heur.Mimikatz.1
    Sophos: Troj/Mimkatz-AE
    TrendMicro: HKTL_MIMIKATZ64
    McAfee-GW-Edition: BehavesLike.Win64.Rootkit.th
    FireEye: Generic.mg.0da2506094ea61ba
    Emsisoft: Gen:Heur.Mimikatz.1 (B)
    SentinelOne: Static AI – Suspicious PE
    Jiangmin: Trojan.PSW.Mimikatz.cna
    Avira: HEUR/AGEN.1141388
    eGambit: hacktool.mimikatz
    Microsoft: HackTool:Win32/Mimikatz.D
    GData: Gen:Heur.Mimikatz.1
    AhnLab-V3: Trojan/Win64.Mimikatz.R285461
    McAfee: HTool-MimiKatz!0DA2506094EA
    MAX: malware (ai score=85)
    Malwarebytes: Generic.Trojan.Malicious.DDS
    Panda: HackingTool/Mimikatz
    TrendMicro-HouseCall: HKTL_MIMIKATZ64
    Rising: Trojan.Tiggre!8.ED98 (CLOUD)
    Ikarus: PUA.RiskWare.Mimikatz
    Fortinet: Riskware/Mimikatz
    AVG: Win64:MiscX-gen [PUP]
    Paloalto: generic.ml

    How to remove Win64:MiscX-gen [PUP]?

    Win64:MiscX-gen [PUP] removal tool
    • Download and install GridinSoft Anti-Malware.
    • Open GridinSoft Anti-Malware and perform a “Standard scan”.
    • “Move to quarantine” all items.
    • Open “Tools” tab – Press “Reset Browser Settings”.
    • Select proper browser and options – Click “Reset”.
    • Restart your computer.

    About the author

    Paul Valéry

    I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
