Mal/Generic-R + Troj/Zbot-NY (file analysis)

The Mal/Generic-R + Troj/Zbot-NY is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Mal/Generic-R + Troj/Zbot-NY virus can do?

How to determine Mal/Generic-R + Troj/Zbot-NY?


File Info:
crc32: FA0045F4
md5: ef74895721b549a375c2a7a0f54a5750
name: EF74895721B549A375C2A7A0F54A5750.mlw
sha1: 5aec0fa18037ee1a8c9d276d452c0c09c476354c
sha256: 79952bf63416d97f8d78b841679e8a773ed0fc6d7d911c116665a12e147a8533
sha512: 23a32e12c29d2135f605c2f1bb194dca38f17d0c9e595cc68ac14041030e816e7f75840258889f188a42f15d9a3ce18acf37d7ba02b8ba8f14fba52c76f99691
ssdeep: 768:X0IrC2dQdY3+xOF4/i/BEYkp7P6lweQDhDmpU5GFrrEzWsdSE0d8pUHIkI0IJa:XRAJxO+2G40OIkaJa
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
InternalName: sszbtcDp
FileVersion: 9.10
CompanyName: sszbtcDp
ProductName: sszbtcDp
ProductVersion: 9.10
OriginalFilename: sszbtcDp.exe

Mal/Generic-R + Troj/Zbot-NY also known as:

Bkav	W32.AlterEIP.PE
K7AntiVirus	Trojan ( 00133ee01 )
Lionic	Virus.Win32.Murofet.li7L
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen.34201
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Patched.AM
ALYac	Trojan.Patched.FI
Cylance	Unsafe
Zillya	Virus.Starter.Win32.1
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Malware:Win32/km_2f5b.None
K7GW	Trojan ( 00133ee01 )
Cybereason	malicious.721b54
Baidu	Win32.Worm.Autorun.z
Cyren	W32/Zbot.T.gen!Eldorado
Symantec	W32.Changeup
ESET-NOD32	Win32/TrojanDownloader.Small.OUC
APEX	Malicious
Avast	Win32:Zbodo [Inf]
ClamAV	Win.Trojan.VB-1207
Kaspersky	Trojan.Win32.ZbotPatched.a
BitDefender	Trojan.Patched.FI
NANO-Antivirus	Virus.Win32.Dlder.lbyd
ViRobot	Win32.PatchedZBot.A
MicroWorld-eScan	Trojan.Patched.FI
Tencent	Trojan.Win32.Patched.k
Ad-Aware	Trojan.Patched.FI
Sophos	Mal/Generic-R + Troj/Zbot-NY
Comodo	TrojWare.Win32.Patched.O@1mj32s
BitDefenderTheta	AI:Packer.93B75C3C1F
VIPRE	Virus.Win32.Zbot.a (v)
TrendMicro	PE_ZBOT.A
McAfee-GW-Edition	BehavesLike.Win32.VBObfus.lm
FireEye	Generic.mg.ef74895721b549a3
Emsisoft	Trojan.Patched.FI (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	TrojanDownloader.Genome.ghl
Avira	TR/Patched.ZB
Antiy-AVL	Trojan/Generic.ASCommon.F
Microsoft	Virus:Win32/Zbot.A
Arcabit	Trojan.Patched.FI
SUPERAntiSpyware	Trojan.Agent/Gen-Vobfus
ZoneAlarm	Trojan.Win32.ZbotPatched.a
GData	Trojan.Patched.FI
TACHYON	Trojan/W32.ZbotPatched.77824.B
AhnLab-V3	Win-Trojan/Patched.AE
Acronis	suspicious
McAfee	VBObfus.b
MAX	malware (ai score=100)
VBA32	Trojan.ZbotPatched
Panda	W32/Patched.L
TrendMicro-HouseCall	PE_ZBOT.A
Rising	Worm.Autorun!1.D162 (CLASSIC)
Yandex	Trojan.GenAsa!BuQA6xuGzUk
Ikarus	Virus.Worm
MaxSecure	Virus.W32.ZbotPatched.A
Fortinet	W32/VBObfus.BDBD!tr
AVG	Win32:Zbodo [Inf]
Paloalto	generic.ml

How to remove Mal/Generic-R + Troj/Zbot-NY?

Mal/Generic-R + Troj/Zbot-NY removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X