Should I remove “Trojan.BHORA.01280”?

The Trojan.BHORA.01280 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.BHORA.01280 virus can do?

Unconventionial language used in binary resources: Turkish
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Trojan.BHORA.01280?


File Info:
name: 64B1B4E4F00EF0042CBA.mlw
path: /opt/CAPEv2/storage/binaries/5164a1f19768ab7b13703ef20f833e971c495ee41cf07b476d0a6584c8544dec
crc32: F0511319
md5: 64b1b4e4f00ef0042cba5a2ad1298e16
sha1: ece3df6bc314da8286b5ab439bb28b4ed74fa2c5
sha256: 5164a1f19768ab7b13703ef20f833e971c495ee41cf07b476d0a6584c8544dec
sha512: 94bf7d30435f432e9f3e82153b0188858205813832b8d2d7f27d234c6d37534b2a35fe2993e5d2c3031238ff10963c576c1cf75e04211fb3ef644b17b3a78863
ssdeep: 12288:YehE5DaMdhizmI2Eemi4OsZonEDfXKtoskTG7BY8NrM21v1NWtW7eQ:YcmmenEDaSscE
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T161D43941F5D5C931C47B663E9D5ADDE190703E28BE51A0A336E67F1FB4B20421B3A38A
sha3_384: 59dcaf6f9532966fa56518d7db9dc90ad3cab2bca39419e2fb9ffb5855a8b1d816236be8dc7120b91fc030445f05f205
ep_bytes: 558bec83c4c4b88cb91c04e8f845fcff
timestamp: 1992-06-19 22:22:17

Version Info:
CompanyName: Vega Yazılım Ltd. Şti.
LegalCopyright: Vega Yazılım Ltd. Şti.
ProductVersion: 42
FileVersion: 0.0.0.0
Compile Date: 09 Nisan 2013 Salı 15:12
Translation: 0x041f 0x04e6

Trojan.BHORA.01280 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Multi.Generic.lCiE
Skyhigh	BehavesLike.Win32.Generic.jh
McAfee	GenericRXEJ-AX!64B1B4E4F00E
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Agent.Vjtr
CrowdStrike	win/malicious_confidence_70% (W)
K7GW	Trojan ( 7000000f1 )
K7AntiVirus	Trojan ( 7000000f1 )
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
TrendMicro-HouseCall	TROJ_GEN.R002H06IF23
ClamAV	Win.Dropper.946dbfd-9864619-0
FireEye	Generic.mg.64b1b4e4f00ef004
Sophos	Generic ML PUA (PUA)
Ikarus	Backdoor.Poison
Google	Detected
Varist	W32/Delf_Troj.BI.gen!Eldorado
Kingsoft	malware.kb.a.999
Cynet	Malicious (score: 100)
VBA32	Trojan.BHORA.01280
Cylance	unsafe
Rising	Trojan.Generic@AI.100 (RDML:LN/xMOfwlKFrarpxrVtTjw)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Generic.RXEG!tr
DeepInstinct	MALICIOUS

How to remove Trojan.BHORA.01280?

Trojan.BHORA.01280 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X