Categories: Trojan

BScope.Trojan.Skeeyah information

The BScope.Trojan.Skeeyah is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What BScope.Trojan.Skeeyah virus can do?

  • Executable code extraction
  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Sniffs keystrokes
  • Crashed cuckoomon during analysis. Report this error to the Github repo.
  • A process attempted to delay the analysis task by a long amount of time.
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

Related domains:

resolver1.opendns.com
myip.opendns.com
curlmyip.net
winserver-cdn.at

How to determine BScope.Trojan.Skeeyah?



File Info:

crc32: 3002FDB4md5: 17aaeafb56d6dcd13c2d75e2ae2c9d44name: vvvv.exesha1: 67c2cd9ba927e85e81051e76b6a81c98dd957693sha256: f2706bd8b702637d153444796ed36723de9208edb99d3a1ca54dc54e939e6dfasha512: 79dc00fc43f7b4efb3f49f874469e2d252b5f4a2647c9d835321f138bc05780fbc22e851008dabcf129af4e0483f4f06c6cb4f3a641b25813fcf3c0f68303c5fssdeep: 24576:DHpsk6H5PM4lTxPPAY2u4vKyNB8iNVAkGPowRp+KSC86RqxQ85da:DpD6H5PMKh3YYow9Qqtype: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: 2006-2014 (c)InternalName: StreamCompanyName: mozilla.orgLegalTrademarks: 2006-2014 (c)ProductName: StreamProductVersion: 3.6.2.5FileDescription: Adaptable CrashOriginalFilename: StreamTranslation: 0x0409 0x04b0

BScope.Trojan.Skeeyah also known as:

Bkav W32.AIDetectVM.malware2
DrWeb Trojan.Siggen9.12750
MicroWorld-eScan Trojan.GenericKD.33273356
CAT-QuickHeal Trojan.Wacatac
Qihoo-360 Generic/Trojan.9e2
McAfee Artemis!17AAEAFB56D6
Cylance Unsafe
Zillya Trojan.GenKryptik.Win32.43245
Sangfor Malware
K7AntiVirus Trojan ( 0056087d1 )
BitDefender Trojan.GenericKD.33273356
K7GW Trojan ( 0056087d1 )
Cybereason malicious.ba927e
Invincea heuristic
BitDefenderTheta Gen:NN.ZexaF.34090.sD0@ayZE1bbi
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/GenKryptik.EEDG
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Trojan:Win32/GenKryptik.d987cb3d
Avast Win32:Trojan-gen
Rising Spyware.Zbot!8.16B (CLOUD)
Ad-Aware Trojan.GenericKD.33273356
Emsisoft Trojan.Agent (A)
F-Secure Trojan.TR/Kryptik.papop
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win32.Dropper.tc
Trapmine malicious.high.ml.score
FireEye Generic.mg.17aaeafb56d6dcd1
Sophos Mal/Generic-S
SentinelOne DFI – Malicious PE
Cyren W32/Trojan.XZRD-6132
Webroot W32.Trojan.Gen
Avira TR/Kryptik.papop
Fortinet Malicious_Behavior.SB
Antiy-AVL Trojan/Win32.Wacatac
Endgame malicious (high confidence)
Arcabit Trojan.Generic.D1FBB60C
ViRobot Trojan.Win32.Z.Remcos.1358848
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Gozi!MTB
AhnLab-V3 Trojan/Win32.Ursnif.C3992788
Acronis suspicious
VBA32 BScope.Trojan.Skeeyah
ALYac Trojan.Banker.Gozi
MAX malware (ai score=99)
TrendMicro-HouseCall TROJ_GEN.R002H0CBH20
Ikarus Trojan-Spy.Remcos
eGambit Unsafe.AI_Score_99%
GData Trojan.GenericKD.33273356
AVG Win32:Trojan-gen
CrowdStrike win/malicious_confidence_100% (W)

How to remove BScope.Trojan.Skeeyah?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: BScope.Trojan.Skeeyahcurlmyip.netmyip.opendns.comresolver1.opendns.comStreamwinserver-cdn.at
4 years ago

Recent Posts

Generic.Dacic.1A7FA519.A.F34D6DE8 removal instruction

The Generic.Dacic.1A7FA519.A.F34D6DE8 is considered dangerous by lots of security experts. When this infection is active,…

25 seconds ago

Should I remove “Babar.143901”?

The Babar.143901 is considered dangerous by lots of security experts. When this infection is active,…

7 mins ago

UDS:NetTool.Win64.FRP removal tips

The UDS:NetTool.Win64.FRP is considered dangerous by lots of security experts. When this infection is active,…

12 mins ago

Should I remove “Worm.Win32.Vobfus.ykp”?

The Worm.Win32.Vobfus.ykp is considered dangerous by lots of security experts. When this infection is active,…

15 mins ago

Doina.66979 removal tips

The Doina.66979 is considered dangerous by lots of security experts. When this infection is active,…

16 mins ago

Application.Generic.3678684 malicious file

The Application.Generic.3678684 is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago