Malware

Dialer:Win32/Trafficadvance removal tips

Malware Removal

The Dialer:Win32/Trafficadvance is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Dialer:Win32/Trafficadvance virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Detects Bochs through the presence of a registry key
  • Creates a copy of itself
  • Touches a file containing cookies, possibly for information gathering

How to determine Dialer:Win32/Trafficadvance?



File Info:

name: DD01A6F415D68B2A8E56.mlw
path: /opt/CAPEv2/storage/binaries/690695b768594f66de5a8ce95020cf526683d326d2e11f08c41de084dcddf02c
crc32: 27C46E8A
md5: dd01a6f415d68b2a8e561c4e1bdf6300
sha1: 81edb1d46bba407856393ed0913c9737ad6780f8
sha256: 690695b768594f66de5a8ce95020cf526683d326d2e11f08c41de084dcddf02c
sha512: 0d1a2cb0ffcc3c38e8020fd5848d9a332852afba94749b96f3ee8a6ed8d89ea639adc8cc5050863d81ae1670c0526e4ae927808056293fdb44b22a4a7fac7919
ssdeep: 768:d4YXqjEUrfSkhstPqV2RpWc1OrnjVJHtoAMm6BqRWgj/1ETxWIjLi2x1nPf+:SuqjEcvhW0jVpyasnH+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C9333B12B791C533E1A218BC5D2ED6C0683C3A721D2B154BBABD0F4DAD7E3434D192A7
sha3_384: 450fb314b5f14ecfba5c286d71888a4e1c323e7443ec7bc3ad5f2c10c53012272eb8d718e332e4236b16067ef9e4b971
ep_bytes: 558becb9060000006a006a004975f951
timestamp: 1992-06-19 22:22:17


Version Info:

0: [No Data]

Dialer:Win32/Trafficadvance also known as:

LionicTrojan.Win32.Dialer.l3NB
Elasticmalicious (high confidence)
MicroWorld-eScanGeneric.Dialer.NWMini.73CF603D
FireEyeGeneric.mg.dd01a6f415d68b2a
CAT-QuickHealTrojan.Diamin.9872
SkyhighDialer-325
McAfeeDialer-325
MalwarebytesDiamin.Trojan.Dialer.DDS
ZillyaTrojan.Diamin.Win32.2488
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 0052e9381 )
AlibabaMalware:Win32/km_224ab.None
K7GWTrojan ( 0052e9381 )
Cybereasonmalicious.415d68
BitDefenderThetaGen:NN.ZelphiF.36802.dGX@aq!47xlG
SymantecDialer.Trafficadvance
ESET-NOD32a variant of Win32/Diamin.NAC
TrendMicro-HouseCallDIAL_DIAMIN.YG
ClamAVWin.Trojan.Dialer-856
KasperskyTrojan.Win32.Diamin.ix
BitDefenderGeneric.Dialer.NWMini.73CF603D
NANO-AntivirusTrojan.Win32.Diamin.dbbkqt
AvastWin32:Dialer-BAS [Trj]
TencentMalware.Win32.Gencirc.1403f04f
EmsisoftGeneric.Dialer.NWMini.73CF603D (B)
BaiduWin32.Trojan.Diamin.a
F-SecureTrojan.TR/Diamin.Gen
DrWebDialer.Netvision
VIPREGeneric.Dialer.NWMini.73CF603D
TrendMicroDIAL_DIAMIN.YG
SophosGeneric Reputation PUA (PUA)
IkarusTrojan.Win32.Dialer
JiangminTrojan.Diamin.ee
GoogleDetected
AviraTR/Diamin.Gen
VaristW32/Dialer.L.gen!Eldorado
Antiy-AVLTrojan/Win32.Dialer
Kingsoftmalware.kb.a.1000
MicrosoftDialer:Win32/Trafficadvance
XcitiumTrojWare.Win32.Diamin.A@1beqe8
ArcabitGeneric.Dialer.NWMini.73CF603D
ViRobotTrojan.Win.Z.Diamin.52688
ZoneAlarmTrojan.Win32.Diamin.ix
GDataGeneric.Dialer.NWMini.73CF603D
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win32.Dialer.R7699
VBA32BScope.Trojan.Dialer
ALYacGeneric.Dialer.NWMini.73CF603D
MAXmalware (ai score=82)
Cylanceunsafe
RisingTrojan.Dialer!1.66EB (CLASSIC)
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Dialer.SL!tr
AVGWin32:Dialer-BAS [Trj]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_100% (W)
alibabacloudTrojan:Win/Diamin.A

How to remove Dialer:Win32/Trafficadvance?

Dialer:Win32/Trafficadvance removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment