Program:Win32/Ymacco.AACC (file analysis)

Program:Win32/Ymacco.AACC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Program:Win32/Ymacco.AACC virus do?

  • Injection (inter-process)
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup

How to identify Program:Win32/Ymacco.AACC?


File Info:

crc32: 3AAB47D1
md5: 8460d0e9761f7beb1a3da93863f1f520
name: 8460D0E9761F7BEB1A3DA93863F1F520.mlw
sha1: 3b1f4b433f788c974aec0eb6d7306c23fc5ea4bb
sha256: cc6d0accccd5c25f592cdd2437f64a7f3c2e2cf2e52c1f5ce53ee46234b66964
sha512: 85a9da7b71e97e7c1840a34f00e9a580cfff82d8185a2ecf980dadc41fe2135cb612e5549dc06a675c0d8f7d164c5f43382c447a7e3be9fc408623d08778b1a5
ssdeep: 24576:Q53uhFIeeDHpQHSbpFYbLv5bEGAPsKnZaYRPgB6Aby8Tb1UI/6LoFAndzksb:Q5+hFkHpVpFOLv5IqKnA0PS6AbFTb1zS
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2005-2016 Oleg N. Scherbakov
InternalName: 7ZSfxMod
FileVersion: 1.7.0.3900
CompanyName: Oleg N. Scherbakov
PrivateBuild: April 1, 2016
ProductName: 7-Zip SFX
ProductVersion: 1.7.0.3900
FileDescription: 7z Setup SFX (x86)
OriginalFilename: 7ZSfxMod_x86.exe
Translation: 0x0000 0x04b0

Program:Win32/Ymacco.AACC also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Riskware ( 0040eff71 )
DrWeb: Trojan.MulDrop16.36190
Cynet: Malicious (score: 100)
ALYac: Application.Coinminer.IE
Cylance: Unsafe
Sangfor: Riskware.Win32.Ymacco.AACC
Alibaba: Trojan:Win32/Bingoml.a96d1c09
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.9761f7
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/Packed.7zip.Z suspicious
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan.Win32.Bingoml.bplw
BitDefender: Application.Coinminer.IE
MicroWorld-eScan: Application.Coinminer.IE
Ad-Aware: Application.Coinminer.IE
Sophos: Mal/Generic-S (PUA)
Comodo: Malware@#pzye1083wfz8
BitDefenderTheta: Gen:NN.ZexaF.34670.tr3@ayRHPPc
VIPRE: Adware.Generic
McAfee-GW-Edition: BehavesLike.Win32.PUP.tc
FireEye: Generic.mg.8460d0e9761f7beb
Emsisoft: Application.Coinminer.IE (B)
SentinelOne: Static AI – Malicious PE
Microsoft: Program:Win32/Ymacco.AACC
Gridinsoft: Trojan.Win32.CoinMiner.oa
Arcabit: Application.Coinminer.IE
AegisLab: Trojan.Multi.Generic.4!c
ZoneAlarm: Trojan.Win32.Bingoml.bplw
GData: Application.Coinminer.IE
McAfee: Artemis!8460D0E9761F
MAX: malware (ai score=73)
VBA32: Trojan.Bingoml
Malwarebytes: Backdoor.Quasar
Rising: Trojan.HiddenRun/SFX!1.D2BC (CLASSIC)
Yandex: Trojan.Bingoml!AItFM6RtIzk
Fortinet: W32/Malicious_Behavior.VEX
AVG: Win32:Malware-gen
Qihoo-360: Win32/Heur.Generic.HyoDK9sA

How to remove Program:Win32/Ymacco.AACC?

Program:Win32/Ymacco.AACC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
