BScope.Trojan.DelShad (file analysis)

The BScope.Trojan.DelShad is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What BScope.Trojan.DelShad virus can do?

Attempts to stop active services
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine BScope.Trojan.DelShad?


File Info:
crc32: E7C66E5F
md5: 438c12757946a2f236356cfa58e0ee27
name: tmpgfg_8wt3
sha1: 5e72e9f1ac3435b4db97f2fb554838ec19ac8480
sha256: c8ce31649b92b719286aab11428771639d7e272160c954a7aafd9d12913c2087
sha512: 5fc0ecff1d92c3154ff30713c8c3fee27173ae524f2df8b68e737d49c19745d6d6daa1743766551d11f2d87ba7c9eb9165405f7453a4b1353fec1e8edd8d6d1f
ssdeep: 1536:DTKNnkUl4+aWGPV+eQ5YADz4XqRIpSyCX8ICS4AdtOfKODngSztPvmp3K8QiR6b:KkojMww5XqREosfK3SxXmI7PDz
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

BScope.Trojan.DelShad also known as:

Bkav	W32.AIDetectVM.malwareB
MicroWorld-eScan	DeepScan:Generic.Ransom.Sodinokibi.FC406C0D
FireEye	Generic.mg.438c12757946a2f2
McAfee	Sodinokibi!438C12757946
Cylance	Unsafe
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Riskware ( 0040eff71 )
K7AntiVirus	Riskware ( 0040eff71 )
Arcabit	DeepScan:Generic.Ransom.Sodinokibi.FC406C0D
Invincea	heuristic
BitDefenderTheta	Gen:NN.ZedlaF.34128.hu4@a4ClyRc
F-Prot	W32/Kryptik.AKW.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Ransomware.Sodinokibi-7013612-0
GData	DeepScan:Generic.Ransom.Sodinokibi.FC406C0D
Kaspersky	HEUR:Trojan-Ransom.Win32.Crypmod.vho
BitDefender	DeepScan:Generic.Ransom.Sodinokibi.FC406C0D
NANO-Antivirus	Virus.Win32.Gen.ccmw
Tencent	Malware.Win32.Gencirc.1196fe07
Ad-Aware	DeepScan:Generic.Ransom.Sodinokibi.FC406C0D
Emsisoft	DeepScan:Generic.Ransom.Sodinokibi.FC406C0D (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
TrendMicro	Ransom.Win32.SODINOKIBI.SMTH
McAfee-GW-Edition	Sodinokibi!438C12757946
SentinelOne	DFI – Malicious PE
Cyren	W32/Kryptik.AKW.gen!Eldorado
Avira	TR/Crypt.XPACK.Gen
MAX	malware (ai score=85)
Antiy-AVL	Trojan[Ransom]/Win32.Crypmod
Microsoft	Ransom:Win32/Sodinokibi.DSB!MTB
Endgame	malicious (high confidence)
ZoneAlarm	HEUR:Trojan-Ransom.Win32.Crypmod.vho
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.RL_Ransom.R290570
VBA32	BScope.Trojan.DelShad
ALYac	DeepScan:Generic.Ransom.Sodinokibi.FC406C0D
Malwarebytes	Ransom.Sodinokibi
TrendMicro-HouseCall	Ransom.Win32.SODINOKIBI.SMTH
Rising	Ransom.Crypmod!8.DA9 (RDMK:cmRtazrG1w446PfMSwfVpMe45kXz)
Ikarus	Trojan-Ransom.Sodinokibi
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Sodinokibi.D!tr.ransom
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A
Qihoo-360	HEUR/QVM40.1.09CB.Malware.Gen

How to remove BScope.Trojan.DelShad?

BScope.Trojan.DelShad removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X