Worm:Win32/Moridin.C removal tips

Worm:Win32/Moridin.C is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Moridin.C virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Worm:Win32/Moridin.C?


File Info:

type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2021-02-13 01:12:02

Version Info:

0: [No Data]

Worm:Win32/Moridin.C also known as:

Bkav: W32.AIDetect.malware2
Lionic: Virus.Multi.Moridin.n!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Win32.Moridin.B@mm
CAT-QuickHeal: W32.Moridin.B
ALYac: Win32.Moridin.B@mm
Cylance: Unsafe
Zillya: Virus.Moridin.Win32.1
Cybereason: malicious.866161
Cyren: W32/Moridin.B
Symantec: W32.Morodi.A
ESET-NOD32: Win32/Moridin.B
APEX: Malicious
Kaspersky: Virus.Multi.Moridin.b
BitDefender: Win32.Moridin.B@mm
NANO-Antivirus: Virus.Win32.Moridin.gesl
Avast: Win32:Idele-C
Tencent: Win32.Virus.Moridin.Lnek
Ad-Aware: Win32.Moridin.B@mm
Emsisoft: Win32.Moridin.B@mm (B)
F-Secure: Malware.W32/Moridin.69322
DrWeb: Win32.Moridin
VIPRE: Win32.Moridin.B@mm
TrendMicro: PE_MORIDIN.A
McAfee-GW-Edition: W32/Moridin.gen
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.a4be468866161163
Sophos: ML/PE-A + W32/Moridin-B
SentinelOne: Static AI – Malicious PE
GData: Win32.Moridin.B@mm
Jiangmin: Moridin.b
Avira: W32/Moridin.69322
MAX: malware (ai score=87)
Arcabit: Win32.Moridin.E2C45E
ViRobot: Win32.Moridin.A
ZoneAlarm: Virus.Multi.Moridin.b
Microsoft: Worm:Win32/Moridin.C
Cynet: Malicious (score: 100)
McAfee: W32/Moridin.gen
VBA32: Trojan.Wacatac
Malwarebytes: Malware.AI.2199290928
TrendMicro-HouseCall: PE_MORIDIN.A
Rising: Trojan.Generic@AI.98 (RDML:79pHgdu0d/CfOcmabP0Nbg)
Yandex: Trojan.GenAsa!BHBPMH/F5ig
Ikarus: Virus.Win32.AOC
MaxSecure: Virus.Multi.Moridin.b
Fortinet: W32/Moridin.B
BitDefenderTheta: AI:FileInfector.F345495E12
AVG: Win32:Idele-C
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Worm:Win32/Moridin.C?

Worm:Win32/Moridin.C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.