Trojan-Banker.Win32.ClipBanker.sbk removal guide

The Trojan-Banker.Win32.ClipBanker.sbk is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Banker.Win32.ClipBanker.sbk virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Trojan-Banker.Win32.ClipBanker.sbk?


File Info:
name: 3A8B43D0B56BA2664979.mlw
path: /opt/CAPEv2/storage/binaries/0da7ea1f346aff3da63c57d094f66e40d288b44dd8976632b89f4b2167449f46
crc32: 58DF9A6C
md5: 3a8b43d0b56ba26649798f3911b4d6ef
sha1: d6f243f7b12db69fbe2e8470a41bc39d40f1c77c
sha256: 0da7ea1f346aff3da63c57d094f66e40d288b44dd8976632b89f4b2167449f46
sha512: 94de37ff1ce1b31efec13b0645730aa1fbfd67bb2616e2a3493e7fbd2b21d3d7dfe4fd4f8d03294e200339afeabe561da59c1e22386df6af0ab875e5f3272f47
ssdeep: 24576:p08VtNvq4dGSrUsZi4r65iAA0BCyC/VavRBkTy6:22anbqVav8T9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A3056C53F3C3C1B3EF9225F2D67967321939B824073CA6DB7390292DE9906C16AB5319
sha3_384: dca55730c60cebcbbadcd8f2a52cf834c33d2cdfc6a704a7cccf80a28a58ebd1f9dccdea32dd7bfa2ac50d6654c41b28
ep_bytes: e8605e0000e989feffffcccccc568b44
timestamp: 2018-02-11 01:37:32

Version Info:
FileDescription: 
FileVersion: 1.1.28.00
InternalName: 
LegalCopyright: 
OriginalFilename: 
ProductName: 
ProductVersion: 1.1.28.00
Translation: 0x0409 0x04b0

Trojan-Banker.Win32.ClipBanker.sbk also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.ClipBanker.7!c
MicroWorld-eScan	Trojan.GenericKD.38734144
FireEye	Generic.mg.3a8b43d0b56ba266
CAT-QuickHeal	Trojanbanker.Clipbanker
McAfee	Artemis!3A8B43D0B56B
Sangfor	Trojan.Win32.ClipBanker.sbk
VirIT	Backdoor.Win32.Bot.GYI
APEX	Malicious
Kaspersky	Trojan-Banker.Win32.ClipBanker.sbk
BitDefender	Trojan.GenericKD.38734144
Avast	FileRepMalware
Emsisoft	Trojan.GenericKD.38734144 (B)
McAfee-GW-Edition	BehavesLike.Win32.Dropper.ch
Jiangmin	TrojanSpy.AutoHK.v
ZoneAlarm	Trojan-Banker.Win32.ClipBanker.sbk
GData	Trojan.GenericKD.38734144
ALYac	Trojan.GenericKD.38734144
MAX	malware (ai score=84)
TrendMicro-HouseCall	TROJ_GEN.R002H09AS22
MaxSecure	Trojan.Malware.300983.susgen
AVG	FileRepMalware
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan-Banker.Win32.ClipBanker.sbk?

Trojan-Banker.Win32.ClipBanker.sbk removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X