BScope.TrojanRansom.Stealc information

BScope.TrojanRansom.Stealc is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the BScope.TrojanRansom.Stealc virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional binary language: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine BScope.TrojanRansom.Stealc?


File Info:

name: F91BADF0FFD4C981ECC1.mlw
path: /opt/CAPEv2/storage/binaries/2007971f7c44dbeaa0c6d2f06933a1f0b8f0e228a67257149658f40e2b8b6ea8
crc32: D463F6C5
md5: f91badf0ffd4c981ecc18bfd27ba3c61
sha1: 277b37889536d71c69eb01eabb0612ae3f998bbf
sha256: 2007971f7c44dbeaa0c6d2f06933a1f0b8f0e228a67257149658f40e2b8b6ea8
sha512: e5c4003a8cbd68297d539da6377e00203bc115bef6c8f257e92befc5983905fff7b89c0f60f975543ae89a120d525f3c30cbe8a5c432fb70e9ca9c5d23995d0c
ssdeep: 24576:SACAM65EglFPp4hNqSB4YbH1Sn3nx/ny9:SACAM6igrLs4Egn3xvk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10745AE23F381C072C02506351C9FABF5567AB9701F6202B337912B6E9DF56D1AF29B62
sha3_384: ada9561da36cb7e4432820b1da523a27569ac9cb21fe2cddcb5576a3869d48a6f8813b89f722174bd094578fe7dd1a5f
ep_bytes: e8b4040000e97afeffff558bec81ec24
timestamp: 2022-09-10 12:16:53

Version Info:

CompanyName: shuax.com
FileDescription: MouseInc
FileVersion: 2.13.4
InternalName: MouseInc.exe
LegalCopyright: shuax.com
OriginalFilename: MouseInc.exe
ProductName: MouseInc
ProductVersion: 2.13.4
Translation: 0x0804 0x04b0

BScope.TrojanRansom.Stealc also known as:

Elastic: malicious (moderate confidence)
Skyhigh: BehavesLike.Win32.Dropper.th
Sangfor: Trojan.Win32.Agent.Vs3t
APEX: Malicious
Webroot: W32.Trojan.Gen
Antiy-AVL: Trojan/Win32.PossibleThreat
Cynet: Malicious (score: 100)
McAfee: GenericRXAA-AA!F91BADF0FFD4
VBA32: BScope.TrojanRansom.Stealc
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.36680.lv0@amoxM8gi
CrowdStrike: win/grayware_confidence_60% (D)

How to remove BScope.TrojanRansom.Stealc?

BScope.TrojanRansom.Stealc removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
