Trojan

BScope.Trojan.Vucha information

Malware Removal

The BScope.Trojan.Vucha is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What BScope.Trojan.Vucha virus can do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to delete volume shadow copies
  • A system process is generating network traffic likely as a result of process injection
  • Behavior consistent with a dropper attempting to download the next stage.
  • Installs itself for autorun at Windows startup
  • Attempts to modify browser security settings
  • Creates a copy of itself
  • Harvests information related to installed mail clients
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to determine BScope.Trojan.Vucha?



File Info:

crc32: 916337DD
md5: b42592b1571375baf5afe9380fd1fcb0
name: B42592B1571375BAF5AFE9380FD1FCB0.mlw
sha1: d2eaeef3be585147bedfec070dc94b4be4c60522
sha256: 52df21bfb7fe0227b9f0e3a06cd9ee81777dc7a5f615d381047a84f9ca70cec3
sha512: 87fb4a031eef63c4ce692c6258996fdfb3c96a2faf935d4d4ef88e643310279fd656178e0bf70e5a86ab301dd7729721379ad13b2486ca3fb0c9ee742261ef63
ssdeep: 6144:jWKyCrJFB3LfbV2yT5RjdLhx4LWf5U6NJxDuZGyBE:j3rJF5jV2e9CLWmUJIJBE
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Copyright xa9 1997-2012, Nullsoft, Inc.
InternalName: Elevator.exe
FileVersion: 5,6,3,3234
CompanyName: Nullsoft, Inc.
PrivateBuild: Release|Win32
ProductName: Winamp Elevator
BuildNumber: 3234
SpecialBuild: 5.6.3, Build 3234 FINAL_2012_0620_154250 
ProductVersion: 5.6.3.3234
FileDescription: Winamp Elevator
OriginalFilename: Elevator.exe
Translation: 0x0409 0x04e4

BScope.Trojan.Vucha also known as:

BkavW32.AIDetect.malware1
K7AntiVirusTrojan ( 005224381 )
Elasticmalicious (high confidence)
CynetMalicious (score: 100)
CAT-QuickHealRansom.Cerber.G4
ALYacTrojan.Ransom.Cerber.1
CylanceUnsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (D)
AlibabaTrojanDropper:Win32/dropper.ali1003001
K7GWTrojan ( 005224381 )
Cybereasonmalicious.157137
BaiduWin32.Trojan.Filecoder.q
CyrenW32/Zbot.JC.gen!Eldorado
SymantecPacked.Generic.459
ESET-NOD32a variant of Win32/Kryptik.HCNG
APEXMalicious
AvastFileRepMetagen [Malware]
KasperskyHEUR:Trojan.Win32.Vucha.dc
BitDefenderTrojan.Ransom.Cerber.1
NANO-AntivirusTrojan.Win32.Vucha.evqpym
MicroWorld-eScanTrojan.Ransom.Cerber.1
TencentWin32.Trojan.Generic.Pcsb
Ad-AwareTrojan.Ransom.Cerber.1
SophosML/PE-A + Mal/Ransom-EJ
ComodoTrojWare.Win32.Kryptik.FBWM@6gt9t1
BitDefenderThetaAI:Packer.3DC263EE1F
VIPRETrojan.Win32.Generic!BT
TrendMicroRansom_CERBER.SMFE
McAfee-GW-EditionBehavesLike.Win32.Ransomware.gh
FireEyeGeneric.mg.b42592b1571375ba
EmsisoftTrojan.Ransom.Cerber.1 (B)
SentinelOneStatic AI – Malicious PE
AviraHEUR/AGEN.1125229
eGambitUnsafe.AI_Score_99%
MicrosoftRansom:Win32/Teerac.A
ArcabitTrojan.Ransom.Cerber.1
AegisLabTrojan.Win32.Generic.4!c
ZoneAlarmHEUR:Trojan.Win32.Vucha.dc
GDataTrojan.Ransom.Cerber.1
AhnLab-V3Win-Trojan/Cerber.Gen
Acronissuspicious
McAfeePacked-MU!B42592B15713
MAXmalware (ai score=100)
VBA32BScope.Trojan.Vucha
MalwarebytesMalware.AI.1809994275
PandaTrj/GdSda.A
TrendMicro-HouseCallRansom_CERBER.SMFE
RisingTrojan.Kryptik!1.AE9C (CLOUD)
IkarusPUA.Downloader
FortinetW32/Dridex.DD!tr
AVGFileRepMetagen [Malware]
Paloaltogeneric.ml
Qihoo-360Win32/Ransom.Cerber.HgIASOcA

How to remove BScope.Trojan.Vucha?

BScope.Trojan.Vucha removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment