The Backdoor:Win32/Ymacco.AA0A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
What Backdoor:Win32/Ymacco.AA0A virus can do?
File Info:
name: 735119ECD0C24C12F21F.mlwpath: /opt/CAPEv2/storage/binaries/0a095835a2a3a3d1fd7bff3e0b207449ee8896dee5184e1da2642eec9328f84bcrc32: 57DA0C3Cmd5: 735119ecd0c24c12f21fcd3df399dc7fsha1: 4e587f71b6c11f2eda5f3850e3aa3a1bee6c5219sha256: 0a095835a2a3a3d1fd7bff3e0b207449ee8896dee5184e1da2642eec9328f84bsha512: 782981cbb7a2ab995df8c4e4f974f94143cd8e55c298eaccbd619cf37e1a645a105821897a766a9d439390bdfbd6ee40845dc75c4451a3f3e034d77aa34a68e8ssdeep: 3072:1rtFwNJpG3Cllni6V7WBjfhQH4VchSTHZ7FZ3L/NKc:ZXwNJpGS+hQH4VchSTHZ7FZ3L/NKtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T137D3779D766072DFC867C8B2DAA81C64EB6074BB531F8203A16315EDEA4D997CF140F2sha3_384: 99561e9fc055021dc273eef6f32f785857128a29ca67baa021ae79693995aff8764c89230f5d5fdbdfb519daa8aa2fdfep_bytes: ff250020400000000000000000000000timestamp: 2021-01-24 08:06:03Version Info:
Translation: 0x0000 0x04b0Comments: Console Window HostsFileDescription: Console Window HostsFileVersion: 10.0.18326.1InternalName: conhost.exeLegalCopyright: © Microsoft Corporation. All right server...OriginalFilename: conhost.exeProductName: Microsoft ® Windows®Operating SystemProductVersion: 10.0.18326.1Assembly Version: 10.0.18326.1
Elastic | malicious (high confidence) |
MicroWorld-eScan | Trojan.GenericKD.36290957 |
FireEye | Trojan.GenericKD.36290957 |
McAfee | RDN/Generic.dx |
Cylance | Unsafe |
Sangfor | Backdoor.Win32.Ymacco.AA0A |
Alibaba | Trojan:Win32/Generic.e6295730 |
CrowdStrike | win/malicious_confidence_60% (D) |
Cyren | W32/Trojan.KZYT-7262 |
Symantec | ML.Attribute.HighConfidence |
APEX | Malicious |
Avast | Win32:Malware-gen |
BitDefender | Trojan.GenericKD.36290957 |
Ad-Aware | Trojan.GenericKD.36290957 |
TrendMicro | TROJ_GEN.R002C0PLG21 |
McAfee-GW-Edition | RDN/Generic.dx |
Emsisoft | Trojan.GenericKD.36290957 (B) |
Paloalto | generic.ml |
GData | Trojan.GenericKD.36290957 |
Webroot | W32.Malware.Gen |
Gridinsoft | Ransom.Win32.Bladabindi.sa |
Arcabit | Trojan.Generic.D229C18D |
ViRobot | Trojan.Win32.Z.Agent.131072.GQH |
Microsoft | Backdoor:Win32/Ymacco.AA0A |
AhnLab-V3 | Malware/Win32.RL_Generic.C4352523 |
BitDefenderTheta | Gen:NN.ZemsilF.34114.im0@aGRhBrb |
ALYac | Trojan.GenericKD.36290957 |
MAX | malware (ai score=100) |
TrendMicro-HouseCall | TROJ_GEN.R002C0PLG21 |
Rising | Malware.Obfus/MSIL@AI.81 (RDM.MSIL:ZOk0qXM//dB+gVfHlMFhSw) |
SentinelOne | Static AI – Malicious PE |
MaxSecure | Trojan.Malware.7175203.susgen |
Fortinet | PossibleThreat |
AVG | Win32:Malware-gen |
Cybereason | malicious.cd0c24 |
Panda | Trj/GdSda.A |
The Malware.AI.4222225806 is considered dangerous by lots of security experts. When this infection is active,…
The Malware.AI.1862100968 is considered dangerous by lots of security experts. When this infection is active,…
The Win32:VB-OLS [Trj] is considered dangerous by lots of security experts. When this infection is…
The Trojan:Win32/Smokeloader.CCDO!MTB is considered dangerous by lots of security experts. When this infection is active,…
The TrojanDownloader:MSIL/RedLineStealer.KL!MTB is considered dangerous by lots of security experts. When this infection is active,…
The Malware.AI.4139232050 is considered dangerous by lots of security experts. When this infection is active,…