SScope.Trojan.Buzus.ak removal instruction

SScope.Trojan.Buzus.ak is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the SScope.Trojan.Buzus.ak virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to interact with an Alternate Data Stream (ADS)

How to identify SScope.Trojan.Buzus.ak?


File Info:

name: 91D32C12E297C2DE0AE9.mlw
path: /opt/CAPEv2/storage/binaries/d228e194e59e8a9f1150c1fd6bc7a62ac272a035de96ee60b03cc4fcb0c848c5
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-12-28 14:11:35

Version Info:

FileDescription: Protected Application
FileVersion: 1, 0, 0, 1
ProductVersion: 1, 0, 0, 1
Comments: Is protected with Teggo MoleBox 4.2321
Translation: 0x0000 0x04b0

SScope.Trojan.Buzus.ak also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Bifrose.lj8w
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Refroso.2
ClamAV: Win.Trojan.Agent-36155
FireEye: Generic.mg.91d32c12e297c2de
CAT-QuickHeal: VirTool.DelfInject.AF
McAfee: Artemis!91D32C12E297
Cylance: Unsafe
VIPRE: Gen:Variant.Refroso.2
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 001788e91 )
K7GW: Trojan ( 001788e91 )
Cybereason: malicious.2e297c
Cyren: W32/VBInject.V.gen!Eldorado
Symantec: Backdoor.Bifrose!gen
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.MoleboxUltra suspicious
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.Win32.Bifrose.fsi
BitDefender: Gen:Variant.Refroso.2
NANO-Antivirus: Trojan.Win32.Dybalom.dvxne
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
Avast: Win32:Evo-gen [Trj]
Rising: Trojan.Generic@AI.100 (RDML:JlsEJLb6uGCNlq2Ve6WjjA)
Ad-Aware: Gen:Variant.Refroso.2
Comodo: TrojWare.Win32.Trojan.Midgare.hhn1@1otzzw
DrWeb: Trojan.Inject1.30808
TrendMicro: TROJ_BREDLAB.SMD
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Refroso.2 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Refroso.2
Jiangmin: Trojan.Generic.bjusv
Avira: TR/Crypt.CFI.Gen
Antiy-AVL: Trojan/Generic.ASBOL.C615
Kingsoft: Win32.Hack.Undef.(kcloud)
Arcabit: Trojan.Refroso.2
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Bifrose.R1707
BitDefenderTheta: AI:Packer.489A3CE31E
ALYac: Gen:Variant.Refroso.2
MAX: malware (ai score=83)
VBA32: SScope.Trojan.Buzus.ak
Malwarebytes: Trojan.MalPack.Generic
TrendMicro-HouseCall: TROJ_BREDLAB.SMD
Tencent: Win32.Backdoor.Bifrose.Simw
Yandex: Backdoor.Trenk!0zw3ZOQiYLM
Ikarus: Trojan.Win32.Agent
MaxSecure: Packed.Rebhip.a
Fortinet: W32/Refroso.BKBI!tr
AVG: Win32:Evo-gen [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove SScope.Trojan.Buzus.ak?

SScope.Trojan.Buzus.ak removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
