BScope.TrojanPSW.Lumma (file analysis)

Many security experts consider BScope.TrojanPSW.Lumma dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the BScope.TrojanPSW.Lumma virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify BScope.TrojanPSW.Lumma?

File Info:

name: 09A43BA0F8B5530E2F76.mlw
path: /opt/CAPEv2/storage/binaries/d13d11cb4f3330156e1441aef414593de1197d4cc9d0ab495657a5010a7329ad
crc32: 63D19FE4
md5: 09a43ba0f8b5530e2f76bb141b1ec4d7
sha1: dffb2de4a47e296004882fc26ff15872631404eb
sha256: d13d11cb4f3330156e1441aef414593de1197d4cc9d0ab495657a5010a7329ad
sha512: 1c9594512fd7b1147ba924e16d021a292fe2651a1f252df98ac2f746cde63b9f65161f3ce97b9d7555c5e1bd8c368865c167d3cafb72c4ee562c4628993e3fdb
ssdeep: 3072:RPSER++wDPw0SMGyrqGsStOpFeu7hgOawpyijHitpL4qDuo2PxL7KL3GWR9sx4WO:RPSERNGI0SMASt7u3sLXDEKLWQJQmT
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D274174A6E51B439C00AE8745AE872A0DF392D253B7A43B32B52443A9E35FE34DFC5C5
sha3_384: 9f03118506cda2dc5685d63fba928ede1ba41c4fc2ce8cb53bce90cdea207b811c476343de719ff9062b2e804b9044e2
ep_bytes: e82a680000e9a4feffff6a0c68901e42
timestamp: 2023-06-18 08:26:50

Version Info:

Comments: This is a legitimate application.
CompanyName: Georgia Capital
FileDescription: Georgia Capital Product
FileVersion: 653
InternalName: xMWNeGXRe7mr
LegalCopyright: © Georgia Capital All rights reserved.
LegalTrademarks: © Georgia Capital Trademarks
OriginalFilename: gJjqY0Ce.exe
ProductName: dEKa80oRcW
ProductVersion: 653
Translation: 0x0407 0x04b0

BScope.TrojanPSW.Lumma also known as:

Bkav: W32.AIDetectMalware
FireEye: Generic.mg.09a43ba0f8b5530e
Sangfor: Trojan.Win32.Agent.Vp5i
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: UDS:Trojan-Spy.Win32.Stealer
Avast: TrojanX-gen [Trj]
McAfee-GW-Edition: BehavesLike.Win32.SFXMplug.fh
Trapmine: malicious.high.ml.score
SentinelOne: Static AI – Suspicious PE
ZoneAlarm: UDS:Trojan-Spy.Win32.Stealer
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
McAfee: Artemis!09A43BA0F8B5
VBA32: BScope.TrojanPSW.Lumma
Rising: Trojan.Kryptik!8.8 (TFE:5:u5ZXrIA6OcE)
Ikarus: Trojan-Spy.Agent
MaxSecure: Trojan.Malware.121218.susgen
BitDefenderTheta: Gen:NN.ZexaF.36250.vu2@a4gLUTmi
AVG: TrojanX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove BScope.TrojanPSW.Lumma?

BScope.TrojanPSW.Lumma removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.