Should I remove “Program:Win32/Ymacco.AA2E”?

The Program:Win32/Ymacco.AA2E is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Program:Win32/Ymacco.AA2E virus can do?

The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine Program:Win32/Ymacco.AA2E?


File Info:
crc32: FABE4EB3
md5: 94b5ce9981bca6ea1e6350f92fde0f4f
name: 94B5CE9981BCA6EA1E6350F92FDE0F4F.mlw
sha1: 8c2301980247e1229ffa517bcb35b033764a465a
sha256: 2ef0d153d735e615ce8bf37486b38f59a53338d3e429ccf1fbddaff6b9b6de16
sha512: 3d423768bc8c587ee0eee23e48be19be24754813722a0dc72f08685ffded1e795259fc40b24dd3dd15553449a9a056693be0b43eded93f092590cd4a6e83a6db
ssdeep: 24576:xfhNf8r63aMg0+nSTt3/3or63aMg0+nSTt3/307uVpkLVAw26qBimz8/Ln5:FXfs639/w639/jV2Luw268i7
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9Panda-Skycloud. Technologiy  2020
Assembly Version: 1.0.0.0
InternalName: Pigeon-Ex.exe
FileVersion: 1.0.0.0
CompanyName: Skycloud-Technologies
LegalTrademarks: Skycloud-Inc.
Comments: 
ProductName: Pigeon-Exploit
ProductVersion: 1.0.0.0
FileDescription: Skycloud-Remastered
OriginalFilename: Pigeon-Ex.exe

Program:Win32/Ymacco.AA2E also known as:

MicroWorld-eScan	Trojan.GenericKD.36138405
FireEye	Generic.mg.94b5ce9981bca6ea
McAfee	Artemis!94B5CE9981BC
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
BitDefender	Trojan.GenericKD.36138405
K7GW	Unwanted-Program ( 00549bbb1 )
K7AntiVirus	Unwanted-Program ( 00549bbb1 )
Cyren	W32/Trojan.SSUY-8750
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Cynet	Malicious (score: 100)
Ad-Aware	Trojan.GenericKD.36138405
Sophos	Mal/Generic-R + Mal/MsilInj-G
Zillya	Trojan.DllInject.Win32.8581
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Trojan.GenericKD.36138405 (B)
SentinelOne	Static AI – Malicious PE
MAX	malware (ai score=82)
Microsoft	Program:Win32/Ymacco.AA2E
Arcabit	Trojan.Generic.D2276DA5
GData	Trojan.GenericKD.36138405
ALYac	Trojan.GenericKD.36138405
Malwarebytes	Generic.Malware/Suspicious
ESET-NOD32	a variant of MSIL/DllInject.ADH potentially unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09AJ21
Ikarus	PUA.MSIL.Dllinject
eGambit	Unsafe.AI_Score_99%
BitDefenderTheta	Gen:NN.ZemsilF.34804.Hn0@aKQV3be
Paloalto	generic.ml

How to remove Program:Win32/Ymacco.AA2E?

Program:Win32/Ymacco.AA2E removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X