Should I remove “Trojan-Banker.Win32.BestaFera.ahbq”?

Trojan-Banker.Win32.BestaFera.ahbq is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Banker.Win32.BestaFera.ahbq virus do?

  • Creates RWX memory
  • Unconventional binary language: Portuguese (Brazil)
  • Unconventional language used in binary resources: Portuguese (Brazilian)
  • Queries information on disks, possibly for anti-virtualization
  • Attempts to modify desktop wallpaper
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Anomalous binary characteristics

How to identify Trojan-Banker.Win32.BestaFera.ahbq?


File Info:

crc32: BFC26682
md5: ce474d46eeed98fd75f0e63f7ee717f3
name: CE474D46EEED98FD75F0E63F7EE717F3.mlw
sha1: 2446c8c3f571574165c37a95e4825d80c41c8958
sha256: dbf4506c38bc75b226af3d8b140aaf0c1ed219bbce3efa3b6ab86ef0b19a5dc2
sha512: 01d5ebfaeb658ed5d42b9422d953706b7acbbf18076580d93d30d388e18d2b74193f3ddb913cb487d835788982357d0ee55cec9cb7ab72c9a7ea113df7383c29
ssdeep: 24576://yTEey/mpfQtjqGGkhNNP8j3dT0a2mulYgmWzY2d:HyQ9/yqnBs3Z0Jm
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
InternalName: Blok
FileVersion: 7.12.1.1
CompanyName: Gamsoft sistemas de informação Ltda.
LegalTrademarks:
Comments:
ProductName: Blok
ProductVersion: 2006 Plus A15
FileDescription: Agente do Blok
OriginalFilename: Blok.exe
Translation: 0x0416 0x04e4

Trojan-Banker.Win32.BestaFera.ahbq is also known as:

K7AntiVirus: Riskware ( 0040eff71 )
Cynet: Malicious (score: 100)
Cylance: Unsafe
Zillya: Trojan.BestaFera.Win32.6753
Alibaba: TrojanBanker:Win32/BestaFera.68964470
K7GW: Riskware ( 0040eff71 )
Symantec: Trojan.Gen.MBT
Avast: Win32:Malware-gen
Kaspersky: Trojan-Banker.Win32.BestaFera.ahbq
NANO-Antivirus: Trojan.Win32.BestaFera.fivycn
Tencent: Win32.Trojan.Spy.Taex
BitDefenderTheta: AI:Packer.2230EC6618
Antiy-AVL: Trojan/Generic.ASMalwS.2871094
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: PWS-Banker.gen.t
MAX: malware (ai score=99)
Panda: Trj/GdSda.A
Fortinet: W32/Banker.B!tr.pws
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Trojan-Banker.Win32.BestaFera.ahbq?

Trojan-Banker.Win32.BestaFera.ahbq removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.