
HackTool.Win32.Binder.bs malicious file

HackTool.Win32.Binder.bs is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the HackTool.Win32.Binder.bs virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Possible date expiration check, exits too soon after checking local time
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Steals private information from local Internet browsers
  • Installs itself for autorun at Windows startup
  • Harvests information related to installed instant messenger clients
  • Attempts to interact with an Alternate Data Stream (ADS)
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify HackTool.Win32.Binder.bs?


File Info:

crc32: 94ADAB17
md5: 1172996f92030f921568ba8643650c69
name: 206911.jpg
sha1: ec361a03f9b0095dd92a29ef2794c0124c11361a
sha256: 33cce03d34bb9b8d014d5c7f640c4bd57d9c7fc4ae1f663447bc044ae8b6d17d
sha512: 4537eeec7ebd8dbef8feb3441a3bcddd89f74e88ea020e845085d1f19f25b654bfef4574ad283702edccfc9f055879e1dcdc2c622400025f30246b2489890214
ssdeep: 24576:9QWn8RZz/gMbER12GT3OcQcGfjeHi7YmJXFsoPvWZ:9YRZDgqER12GT3OcQcGbeHE5Fso3W
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

HackTool.Win32.Binder.bs also known as:

Bkav W32.GenericBinderLnr.Trojan
DrWeb Trojan.MulDrop2.39589
MicroWorld-eScan Gen:Variant.Binder.1
FireEye Generic.mg.1172996f92030f92
CAT-QuickHeal VirTool.Vbinder.CO5
ALYac Gen:Variant.Binder.1
Malwarebytes HackTool.Binder
VIPRE Trojan-Dropper.Win32.Binder.bs (v)
AegisLab Hacktool.Win32.Binder.lo77
K7AntiVirus Trojan ( 004babd11 )
BitDefender Gen:Variant.Binder.1
K7GW Trojan ( 004babd11 )
Cybereason malicious.f92030
TrendMicro TROJ_BINDER_FC1700C9.UVPA
BitDefenderTheta Gen:NN.ZexaF.32250.KvW@am6!KDpG
Cyren W32/Backdoor.FVDJ-1096
Symantec SMG.Heur!gen
TotalDefense Win32/Tnega.AGBZ
APEX Malicious
Avast Win32:Trojan-gen
ClamAV Win.Trojan.Binder-6
GData Win32.Trojan.Binder.A
Kaspersky HackTool.Win32.Binder.bs
Alibaba HackTool:Win32/Binder.ec6f5e31
NANO-Antivirus Trojan.Win32.Stealer.ghgrrr
ViRobot Trojan.Win32.A.Swisyn.49120
Rising Dropper.Binder!1.AEB1 (CLASSIC)
Ad-Aware Gen:Variant.Binder.1
Sophos Mal/Fareit-V
Comodo TrojWare.Win32.TrojanDropper.Binder.cls@4m6ovz
F-Secure Trojan.TR/Injector.bqrfx
Baidu Win32.Trojan-Dropper.Binder.m
Invincea heuristic
McAfee-GW-Edition BehavesLike.Win32.Generic.th
Trapmine malicious.high.ml.score
CMC HackTool.Win32.Binder!O
Emsisoft Gen:Variant.Binder.1 (B)
Ikarus Trojan.Win32.Dorv
F-Prot W32/Backdoor2.HKXU
Jiangmin HackTool.Binder.bh
Webroot W32.Trojan.Gen
Avira TR/Injector.bqrfx
MAX malware (ai score=86)
Antiy-AVL Trojan/Win32.Kryptik
Endgame malicious (high confidence)
Arcabit Trojan.Binder.1
SUPERAntiSpyware Trojan.Agent/Gen-Binder
ZoneAlarm HackTool.Win32.Binder.bs
Microsoft VirTool:Win32/Vbinder.CO
AhnLab-V3 HackTool/Win32.Vbinder.R12127
Acronis suspicious
McAfee Trojan-FDDZ!1172996F9203
VBA32 Binder.Celesty
Cylance Unsafe
ESET-NOD32 Win32/TrojanDropper.Binder.NBH
TrendMicro-HouseCall TROJ_BINDER_FC1700C9.UVPA
Yandex HackTool.Binder!IMtdREcP3/k
SentinelOne DFI – Malicious PE
MaxSecure HackTool.W32.Binder.bs
Fortinet W32/Dropper.NBH!tr
AVG Win32:Trojan-gen
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Win32/Trojan.Hacktool.4af

How to remove HackTool.Win32.Binder.bs?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
