Should I remove “Trojan.Banker.Delf.ZJM”?

The Trojan.Banker.Delf.ZJM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Banker.Delf.ZJM virus can do?

Unconventionial language used in binary resources: Portuguese (Brazilian)
The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Trojan.Banker.Delf.ZJM?


File Info:
name: 002455400419BB87FB89.mlw
path: /opt/CAPEv2/storage/binaries/5502d4d71e836e75dc289cd57e779d1daa705f3db8efec5cb5ac2cbaeff04f19
crc32: 33B685D0
md5: 002455400419bb87fb890a580bef19b0
sha1: 49d3edcfc96b86805147644967772523c1eb3ee0
sha256: 5502d4d71e836e75dc289cd57e779d1daa705f3db8efec5cb5ac2cbaeff04f19
sha512: 90391ad107177032014e3a21d6ef8153ff321271bd047c97d495d428ec37bfc72bb8ebc0066f0fbac9759f13eaca5bb2327920e1e749cf61806fff1fc37cb943
ssdeep: 24576:BXFCq4QbihXxWnimvhh7WmQpYWMrSGZ5D1+xn0:B1ixzsuju+xn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11B356C32B6D08837D1731A788D5BC2996836BE606D3C988E76E45F0C5F3D6823D257E2
sha3_384: 31feb93cb1061804ada69a35f1208cc26847a49cf8dd05490f2989255a568d01d6cf6cc2f479fb736c5ac511ae4ddca7
ep_bytes: 558bec83c4f0b8fc434d00e82c1cf3ff
timestamp: 2010-01-09 16:55:14

Version Info:
0: [No Data]

Trojan.Banker.Delf.ZJM also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
tehtris	Generic.Malware
MicroWorld-eScan	Trojan.Banker.Delf.ZJM
FireEye	Generic.mg.002455400419bb87
Skyhigh	BehavesLike.Win32.ObfuscatedPoly.tm
McAfee	Artemis!002455400419
Cylance	unsafe
VIPRE	Trojan.Banker.Delf.ZJM
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 004bcce41 )
BitDefender	Trojan.Banker.Delf.ZJM
K7GW	Trojan ( 004bcce41 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	AI:Packer.C1A4309519
VirIT	Trojan.Win32.Delf.DOO
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of Win32/Spy.Delf.OFM
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
Alibaba	TrojanSpy:Win32/DUmPeX.cb888524
NANO-Antivirus	Trojan.Win32.Dwn.ddbglm
Rising	Malware.Undefined!8.C (TFE:5:LHWCo3FnvhF)
Emsisoft	Trojan.Banker.Delf.ZJM (B)
F-Secure	Trojan.TR/Dldr.Delphi.Gen
DrWeb	Trojan.DownLoader1.221
Zillya	Trojan.Banker.Win32.63054
TrendMicro	TROJ_GEN.R002C0WK423
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan-Spy.Agent
GData	Trojan.Banker.Delf.ZJM
Avira	TR/Dldr.Delphi.Gen
Antiy-AVL	Trojan[Spy]/Win32.Delf
Kingsoft	Win32.Troj.Unknown.a
Xcitium	Packed.Win32.MUPX.Gen@24tbus
Arcabit	Trojan.Banker.Delf.ZJM
ZoneAlarm	UDS:DangerousObject.Multi.Generic
Microsoft	PWS:Win32/Fareit!ml
Google	Detected
ALYac	Trojan.Banker.Delf.ZJM
MAX	malware (ai score=99)
DeepInstinct	MALICIOUS
VBA32	TScope.Trojan.Delf
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0WK423
Tencent	Win32.Trojan.Dldr.Vwhl
Yandex	TrojanSpy.Delf!CBjc+ye7s0U
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.1728101.susgen
Fortinet	W32/Delf.OFM!tr
AVG	Win32:Malware-gen
Cybereason	malicious.fc96b8
Avast	Win32:Malware-gen

How to remove Trojan.Banker.Delf.ZJM?

Trojan.Banker.Delf.ZJM removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X