Worm.Win32.Pajetbin.fsq information

Many security experts consider Worm.Win32.Pajetbin.fsq dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Win32.Pajetbin.fsq virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Worm.Win32.Pajetbin.fsq?


File Info:

name: 84F594887C5DBBD3853D.mlw
path: /opt/CAPEv2/storage/binaries/03a341854aa4f7c21a1138ea85629a15f6d8e083f586f57c7a3755c52f2866c0
crc32: 946C36B6
md5: 84f594887c5dbbd3853d2964f4046687
sha1: 119bfd1f06df7f16ba09528f41b3a1693e90aae2
sha256: 03a341854aa4f7c21a1138ea85629a15f6d8e083f586f57c7a3755c52f2866c0
sha512: 410e0a5aff858b6ab9269549baba3380d42133d6e04dba303341460606d0ef7b9926c2cdd959877a1b601618f5da36588240ab3adc870c6a33e71ea096672411
ssdeep: 3072:/cL0bUTppDAYzIMUNRD5b0zs7y4JTrjlAYDpAYDgOf:bbUTp1VUjD5as7y4JTrjRDVD9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15FF38E42BBE180F5F5E342302CBB5B36AF32BC225560871F1390F65DAD31694E93A726
sha3_384: 577eaee153ae6243b2d985481be79552b274883c06c534459586ac456a9a4c68f5ef43a4f4dc7a2a611c344d14d3e501
ep_bytes: 81ecd4020000535556576a2033ed5e89
timestamp: 2013-12-25 05:01:44

Version Info:

CompanyName: Mozilla Corporation
FileDescription: Mozilla Maintenance Service Installer
FileVersion: 43.0.1
LegalCopyright: Mozilla Corporation
LegalTrademarks: Firefox is a Trademark of The Mozilla Foundation.
OriginalFilename: maintenanceservice_installer.exe
ProductName: Firefox
ProductVersion: 43.0.1
Translation: 0x0409 0x04b0

Worm.Win32.Pajetbin.fsq also known as:

Lionic: Worm.Win32.Pajetbin.o!c
DrWeb: Win32.HLLW.Autoruner.547
McAfee: Artemis!84F594887C5D
Alibaba: Worm:Win32/Pajetbin.c99f5480
Cyren: W32/Autorun.DB.gen!Eldorado
Paloalto: generic.ml
ClamAV: Win.Worm.Vindor-9886047-0
Kaspersky: Worm.Win32.Pajetbin.fsq
Avast: Win32:VB-FBX
McAfee-GW-Edition: Artemis!Virus
Sophos: Generic PUA BB (PUA)
Avira: DIAL/Redcap.iqjye
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Win32.Trojan.PSE.1V6HZ6L
Cynet: Malicious (score: 99)
AhnLab-V3: Worm/Win.Autorun.C4824401
VBA32: Trojan.Sdum
AVG: Win32:VB-FBX

How to remove Worm.Win32.Pajetbin.fsq?

Worm.Win32.Pajetbin.fsq removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.