Categories: Worm

Worm.Generic.247777 removal tips

Worm.Generic.247777 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Worm.Generic.247777 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • At least one process apparently crashed during execution
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Russian
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • Checks the version of Bios, possibly for anti-virtualization
  • Detects VMware through the presence of a file
  • Anomalous binary characteristics

How to identify Worm.Generic.247777?


File Info:

name: 3D9DF26C9CBAEBF8F08C.mlw
path: /opt/CAPEv2/storage/binaries/6e8161436cf1daadace548147c09ec4c295aac01253f418b53b3083462007533
crc32: AD2E112E
md5: 3d9df26c9cbaebf8f08c0d2205cbdcca
sha1: 1a079203d44a34a1f7f74220e3d7fb96063a071d
sha256: 6e8161436cf1daadace548147c09ec4c295aac01253f418b53b3083462007533
sha512: 4a82887cfa81a39db5115b37b6b76410f6c838ac6a3e00c0823742ba26a794e46c903a37842d44218ba681fee74ca0df3891a972363c8f479b436df28b95d04c
ssdeep: 768:g20vf+hSjuFdt0QPbCmPyMUw/VFTVMgyc4glrVIwWaAmYfPZNi:g2fnt0wCmPyG/VFJMgyc4krVMaAmYfPi
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B623199EB3FA61FBC112DD781A75E1E0C0D9786F0A0385F44DC5468FE864A6897E1C8B
sha3_384: 5004c4c1d4c9be20cd7fdd6aa5bfe4f7ae313315aaa379656f4b7cb4640af74b23ceeaa3375123b25dd0603a33f2703e
ep_bytes: 558bece947fdffff1040000808100010
timestamp: 2006-03-27 05:54:42

Version Info:

CompanyName: дэьИПюНщУЙхцЖБКАуИВИяР
FileDescription: ЪбРЛАеЧЧпРФшЗзЩэгыДмпИщаГВТщ
FileVersion: 83.2.112.31
InternalName: ЭшпОЕЙЖсщрНщъТШуСИУнЫШЪиК
LegalCopyright: 3677-3859
OriginalFilename: 4MCkus2.exe
ProductName: ВжйщПНЕЯтхуНВЫЪчПВыеЧдлАтъ
ProductVersion: 83.2.112.31
Translation: 0x04b0 0x0417

Worm.Generic.247777 also known as:

Bkav W32.AIDetect.malware2
DrWeb Trojan.Packed.20343
FireEye Generic.mg.3d9df26c9cbaebf8
ALYac Worm.Generic.247777
Cylance Unsafe
VIPRE Trojan.Win32.Nedsym.f (v)
Sangfor Trojan.Win32.Obitel.8
K7AntiVirus Trojan ( 0055dd191 )
Alibaba TrojanDownloader:Win32/Carberp.ab60aef8
K7GW Trojan ( 0055dd191 )
Cybereason malicious.c9cbae
BitDefenderTheta AI:Packer.A85A5ABB1F
VirIT Trojan.Win32.Packed.BECL
Cyren W32/Qakbot.A.gen!Eldorado
Symantec W32.Qakbot!gen4
ESET-NOD32 a variant of Win32/Kryptik.EIO
TrendMicro-HouseCall BKDR_QAKBOT.SMC
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky Packed.Win32.Krap.gx
BitDefender Worm.Generic.247777
NANO-Antivirus Trojan.Win32.Krap.bkmtg
MicroWorld-eScan Worm.Generic.247777
Avast Win32:MalOb-IJ [Cryp]
Tencent Win32.Packed.Krap.Lnez
Ad-Aware Worm.Generic.247777
Emsisoft Worm.Generic.247777 (B)
Comodo MalCrypt.Indus!@1qrzi1
Zillya Trojan.Kryptik.Win32.900180
TrendMicro BKDR_QAKBOT.SMC
McAfee-GW-Edition PWS-Zbot.gen.aum
Sophos Mal/Generic-S + Mal/Zbot-U
Ikarus Trojan.Win32.Crypt
GData Worm.Generic.247777
Jiangmin Worm/Bezopi.jg
Avira TR/Crypt.XPACK.Gen
Antiy-AVL Trojan[Packed]/Win32.Krap
Gridinsoft Ransom.Win32.Zbot.sa
Arcabit Worm.Generic.D3C7E1
ZoneAlarm Packed.Win32.Krap.gx
Microsoft TrojanDownloader:Win32/Bredolab.AA
Acronis suspicious
McAfee PWS-Zbot.gen.aum
MAX malware (ai score=100)
VBA32 Trojan.Packed
Malwarebytes Malware.AI.4209654379
APEX Malicious
Rising Dropper.Obitel!8.1F55 (CLOUD)
SentinelOne Static AI – Malicious PE
Fortinet W32/Kryptik.EIO!tr
AVG Win32:MalOb-IJ [Cryp]
Panda Trj/Krapack.gen
CrowdStrike win/malicious_confidence_100% (W)

How to remove Worm.Generic.247777?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
