Program:Win32/Ymacco.AAB9 malicious file

The Program:Win32/Ymacco.AAB9 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Program:Win32/Ymacco.AAB9 virus can do?

Sniffs keystrokes
Installs an hook procedure to monitor for mouse events
Network activity detected but not expressed in API logs

How to determine Program:Win32/Ymacco.AAB9?


File Info:
crc32: F20AE515
md5: 51e807db380c61ea422519ef56748b50
name: f7d449f1f9b75374.exe
sha1: 149e52d94afc4d2cf668178e2c1ffe27513466f5
sha256: b94aaede47b0806b6dc986d1c3fbe8eddeb4ce0cdbebdf6548cc2325ecf3e3d6
sha512: 59f8bd11365d8339961d4e49bb0b26a5d73d634a4994bee0a9e1736e3cb6e35fb09de106635976493addd7d61c11b04da0d6f07959c505eb9c879393cf72d4cf
ssdeep: 24576:xDaQ3CaIGmTr3qV7kPwtL05Z80bdKnWkTIg5/Gec9:j374eYFI1Ee4
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: 
InternalName: 
FileVersion: 1.1.26.00
ProductName: 
ProductVersion: 1.1.26.00
FileDescription: 
OriginalFilename: 
Translation: 0x0409 0x04b0

Program:Win32/Ymacco.AAB9 also known as:

Bkav	W32.AIDetectVM.malware1
McAfee	Artemis!51E807DB380C
Cylance	Unsafe
K7AntiVirus	Trojan ( 0054b4d81 )
K7GW	Trojan ( 0054b4d81 )
CrowdStrike	win/malicious_confidence_60% (W)
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Alibaba	RiskWare:Win32/Generic.59cdbb89
AegisLab	Trojan.Win32.Generic.4!c
Rising	Trojan.Generic@ML.100 (RDML:SxwEeFmyslBuI3916aQs3w)
Sophos	Mal/Generic-S
Comodo	.UnclassifiedMalware@0
Invincea	heuristic
Fortinet	Riskware/GameHack
Ikarus	Trojan.MSIL.Starter
Jiangmin	Trojan.Autoit.jiw
Webroot	W32.Trojan.Gen
SUPERAntiSpyware	Trojan.Agent/Gen-Dropper
Microsoft	Program:Win32/Ymacco.AAB9
VBA32	TrojanDropper.Agent
Zoner	Trojan.Win32.60416
ESET-NOD32	Win32/RiskWare.GameHack.CT
TrendMicro-HouseCall	TROJ_GEN.R002H06GQ20
Tencent	Malware.Win32.Gencirc.10b68181
GData	Win32.Trojan.Agent.3G1PAT
Paloalto	generic.ml

How to remove Program:Win32/Ymacco.AAB9?

Program:Win32/Ymacco.AAB9 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X