Trojan-Banker.Win32.RTM.hck removal

Trojan-Banker.Win32.RTM.hck is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Banker.Win32.RTM.hck virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process created a hidden window
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Anomalous binary characteristics

How to identify Trojan-Banker.Win32.RTM.hck?


File Info:

type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Trojan-Banker.Win32.RTM.hck also known as:

Vendor                Detection name
Bkav                  W32.AIDetectVM.malware1
Elastic               malicious (high confidence)
MicroWorld-eScan      Trojan.GenericKD.35859297
ALYac                 Trojan.GenericKD.35859297
Cylance               Unsafe
Sangfor               Malware
CrowdStrike           win/malicious_confidence_100% (D)
Alibaba               TrojanBanker:Win32/GenKryptik.85fa9b14
K7GW                  Spyware ( 0040f0131 )
K7AntiVirus           Spyware ( 0040f0131 )
Arcabit               Trojan.Generic.D2232B61
BitDefenderTheta      Gen:NN.ZedlaF.34700.GM4@ai3K2dEi
Cyren                 W32/Trojan.OROV-4527
Symantec              ML.Attribute.HighConfidence
APEX                  Malicious
Avast                 Win32:BankerX-gen [Trj]
ClamAV                Win.Malware.Fbfk-9817495-0
Kaspersky             Trojan-Banker.Win32.RTM.hck
BitDefender           Trojan.GenericKD.35859297
Paloalto              generic.ml
Tencent               Win32.Trojan-banker.Rtm.Sxeq
Ad-Aware              Trojan.GenericKD.35859297
Sophos                Mal/Generic-R + Mal/EncPk-APV
F-Secure              Trojan.TR/Kryptik.fgsxz
DrWeb                 Trojan.Inject4.6365
TrendMicro            TROJ_GEN.R002C0RLQ20
McAfee-GW-Edition     BehavesLike.Win32.Dropper.vz
FireEye               Generic.mg.5c54f63f1c1b10b7
Emsisoft              Trojan.GenericKD.35859297 (B)
Ikarus                Trojan.Win32.Krypt
Jiangmin              Trojan.Banker.RTM.up
Avira                 TR/Kryptik.fgsxz
MAX                   malware (ai score=85)
Antiy-AVL             GrayWare/Win32.Kryptik.ehls
Gridinsoft            Trojan.Win32.Kryptik.oa
Microsoft             Trojan:Win32/Qakbot.GA!MTB
ZoneAlarm             Trojan-Banker.Win32.RTM.hck
GData                 Trojan.GenericKD.35859297
Cynet                 Malicious (score: 100)
AhnLab-V3             Malware/Win32.RL_Generic.R360772
McAfee                GenericRXND-US!5C54F63F1C1B
Malwarebytes          Trojan.Crypt
ESET-NOD32            a variant of Win32/GenKryptik.EZBU
TrendMicro-HouseCall  TROJ_GEN.R002C0RLQ20
Rising                Trojan.Kryptik!8.8 (TFE:2:ItOo6ejRx2)
Fortinet              W32/Kryptik.HDNN!tr
AVG                   Win32:BankerX-gen [Trj]
Panda                 Trj/GdSda.A
Qihoo-360             Win32/Trojan.a57

How to remove Trojan-Banker.Win32.RTM.hck?

Trojan-Banker.Win32.RTM.hck removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
