
NetTool.Win32.ZXProxy.jj (file analysis)

Malware Removal

NetTool.Win32.ZXProxy.jj is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the NetTool.Win32.ZXProxy.jj virus do?

  • A file was accessed within the Public folder.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Harvests credentials from local FTP client software

How to determine NetTool.Win32.ZXProxy.jj?


File Info:

name: 5CA62E507E07538D1369.mlw
path: /opt/CAPEv2/storage/binaries/f40b3d9edc6447105b98dfd390ebdfd6abb3655667fbaf74c51a1d26a50321c8
crc32: 0332597D
md5: 5ca62e507e07538d136960a0cf682e7d
sha1: e64041afcd07ef7461b8014cd069c37930872318
sha256: f40b3d9edc6447105b98dfd390ebdfd6abb3655667fbaf74c51a1d26a50321c8
sha512: 120648d55e3a29f9ebed443ec39c4946392ef035e5e8cb8a9e3808b081599d58e05a02c38b182d07e915f328289847304f757ff1676db6854eed7ff7a05facfb
ssdeep: 49152:hXVmjqkyCQW1Hq62DnVY7MMMMMMM3MMMMMMMMMjMMMMMMMMMXEb4ONCyTrUQ:leD1HqzDnVwMMMMMMM3MMMMMMMMMjMMo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A7B57C02B692C0A5C2110471D6ABDBBDE36DBD544B34CF9373E4FE1FB9F61824926226
sha3_384: fc2baa0cb8042a03dc2caf7aab8f42312c7e98ed2d1b32f345ca7dced927d4a5a70bb8386bf78afb9a202d3c6ecf6fff
ep_bytes: 558bec6aff68201753006838b04c0064
timestamp: 2002-08-19 20:42:47

Version Info:

CompanyName: GlobalSCAPE, Inc.
FileDescription: CuteFTP
FileVersion: 50.07.08.01
InternalName: FTP
LegalCopyright: 1995-2002, GlobalSCAPE, Inc.
LegalTrademarks: (R)
OriginalFilename: CUTFTP32.EXE
ProductName: CuteFTP
ProductVersion: 5.0.0.0
Translation: 0x0804 0x03a8

NetTool.Win32.ZXProxy.jj also known as:

Bkav: W32.AIDetectMalware
FireEye: Generic.mg.5ca62e507e07538d
Zillya: Trojan.FakeAV.Win32.218608
Alibaba: NetTool:Win32/ZXProxy.ea859a8b
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:NetTool.Win32.ZXProxy.jj
NANO-Antivirus: Trojan.Win32.Almanahe.danvom
Kingsoft: malware.kb.a.970
ZoneAlarm: not-a-virus:NetTool.Win32.ZXProxy.jj
Panda: Trj/Genetic.gen
Rising: Malware.FakeFolder/ICON!1.6AA9 (CLASSIC)
Yandex: Trojan.GenAsa!bModj15etXE
MaxSecure: Trojan.Malware.300983.susgen

How to remove NetTool.Win32.ZXProxy.jj?

NetTool.Win32.ZXProxy.jj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
