
What is “Program:Win32/Ymacco.AA76”?

Program:Win32/Ymacco.AA76 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Program:Win32/Ymacco.AA76 virus do?

  • Presents an Authenticode digital signature
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
rrrioYNbTRzfc.rrrioYNbTRzfc

How to identify Program:Win32/Ymacco.AA76?


File Info:

crc32: 73568EF3
md5: 52081a121ec13bb053dc2a9b32d0041a
name: 52081A121EC13BB053DC2A9B32D0041A.mlw
sha1: 1c39ce3a975070637f6bcc39d62315c0e3b9ec09
sha256: 7634f7cfc1bf1214b2b2dead5b5e2eaf6bf6ae5ed5faec54d9bd49deae334f74
sha512: 8fe1e2c001099029a965eb1642c9cc22c3d10b8a534b86c60f156e0fb5a252f8292ead52645b14d9db31a862ed1b9776fe9366663afd06691fdd2d8ac5baabfc
ssdeep: 24576:OQLny3OiG7O5fWcmCM4jBg0nWDqVXF1/Vz897cDH6WboJVIb90IIFS:OQLy3Z5ecmCMqhnllLNgIHjbiIb9N
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: Htxykka
FileVersion: 18.2.8576.36057 (iynalnq_bct.697779-9079)
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
ProductVersion: 18.2.8576.36057
FileDescription: Chf10 Frywncc Lrbxojzzdf
OriginalFilename: JGXYJRF.EXE .ALK
Translation: 0x0409 0x04b0

Program:Win32/Ymacco.AA76 also known as:

Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Strictor.255164
FireEye Generic.mg.52081a121ec13bb0
McAfee Artemis!52081A121EC1
Cylance Unsafe
AegisLab Trojan.Win32.Alien.4!c
Sangfor Malware
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Variant.Strictor.255164
K7GW Trojan ( 005769b01 )
K7AntiVirus Trojan ( 005769b01 )
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Trojan-gen
Cynet Malicious (score: 100)
Kaspersky Trojan.Win32.Alien.kvr
Alibaba Trojan:Win32/Alien.3fbd9bb6
Rising Dropper.Certutil!1.D0D0 (CLASSIC)
Ad-Aware Gen:Variant.Strictor.255164
Sophos Mal/Generic-S
F-Secure Trojan.TR/Barys.sgcmf
DrWeb Trojan.MulDrop16.9852
Zillya Trojan.Alien.Win32.1613
McAfee-GW-Edition BehavesLike.Win32.BadFile.tc
Emsisoft Gen:Variant.Strictor.255164 (B)
Avira TR/Barys.sgcmf
MAX malware (ai score=87)
Microsoft Program:Win32/Ymacco.AA76
Arcabit Trojan.Strictor.D3E4BC
ZoneAlarm Trojan.Win32.Alien.kvr
GData Gen:Variant.Strictor.255164
AhnLab-V3 PUP/Win32.RL_Generic.R364225
ALYac Gen:Variant.Strictor.255164
Malwarebytes Trojan.Dropper.WXT.Generic
Panda Trj/Genetic.gen
ESET-NOD32 a variant of Generik.CFKFDLE
Tencent Malware.Win32.Gencirc.10ce325c
Ikarus Trojan.Barys
Fortinet PossibleThreat.PALLAS.H
AVG Win32:Trojan-gen
Cybereason malicious.a97507
Qihoo-360 Win32/Trojan.61f

How to remove Program:Win32/Ymacco.AA76?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
