Troj/Steal-CRN removal instructions

Troj/Steal-CRN is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Troj/Steal-CRN virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Troj/Steal-CRN?


File Info:

name: 328AEE9482A32007AA69.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2022-06-15 17:43:45

Version Info:

0: [No Data]

Troj/Steal-CRN also known as:

Vendor            Detection name
MicroWorld-eScan  Gen:Variant.Jaik.80546
FireEye           Gen:Variant.Jaik.80546
ALYac             Gen:Variant.Jaik.80546
Cylance           Unsafe
BitDefender       Gen:Variant.Jaik.80546
Cyren             W32/Kryptik.GTB.gen!Eldorado
Elastic           malicious (moderate confidence)
ESET-NOD32        a variant of Win32/Kryptik.HPFH
APEX              Malicious
Kaspersky         HEUR:Trojan-Spy.Win32.Stealer.gen
Rising            Spyware.Convagent!8.12330 (TFE:dGZlOgVRZU26bfbcCg)
Ad-Aware          Gen:Variant.Jaik.80546
Sophos            Troj/Steal-CRN
Emsisoft          Gen:Variant.Jaik.80546 (B)
SentinelOne       Static AI – Suspicious PE
MAX               malware (ai score=88)
Microsoft         Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm         HEUR:Trojan-Spy.Win32.Stealer.gen
GData             Gen:Variant.Jaik.80546
AhnLab-V3         Infostealer/Win.AntiAV.R497427
Malwarebytes      Trojan.FakeMBAM
Tencent           Trojan-Psw.Win32.Reline.16000435
MaxSecure         Trojan.Malware.121218.susgen
Fortinet          W32/RedLineStealer.A!tr
BitDefenderTheta  Gen:NN.ZexaF.34742.s!Z@ayQriu

How to remove Troj/Steal-CRN?

Troj/Steal-CRN removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
