What is “Trojan.BitCoinClipStealer”?

Malware Removal

The Trojan.BitCoinClipStealer is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Review

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan.BitCoinClipStealer virus can do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Trojan.BitCoinClipStealer?


File Info:

crc32: 1C0BCE04
md5: a2421cf603594d18eeccbd36a4d82933
name: update.exe
sha1: 35bfeb9212dc6e8d686c59c1f31fa09060095df5
sha256: 5079652f16fe0084dc7dce4d87b30957922f90344bda3f5d63f120a9314c5be7
sha512: 7df962fa5ad8a96af447520599fd2b6238c1500098e893bd847cbe19d3f12f48509970c6ca1b59e20b0a46a6b468535eceac5e3269aae1680ebdb454c29118e7
ssdeep: 192:Jo9/pxG/cFyrZT7NYRE5aopp7/VUcs606HPwpx4dtUhN1W1X6T:69/pCcFU55zpTKcs6IaUhN1W1X6
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9 2019
Assembly Version: 1.0.0.0
InternalName: Windows-update.exe
FileVersion: 1.9.2.5
CompanyName: Mincrosoft inc.
LegalTrademarks:
Comments: Windows 10 updater
ProductName: Windows updater
ProductVersion: 1.9.2.5
FileDescription: Windows update
OriginalFilename: Windows-update.exe

Trojan.BitCoinClipStealer also known as:

MicroWorld-eScanTrojan.GenericKD.43188018
FireEyeGeneric.mg.a2421cf603594d18
McAfeeRDN/PWS-Banker
CylanceUnsafe
VIPRETrojan.Win32.Generic!BT
BitDefenderTrojan.GenericKD.43188018
CrowdStrikewin/malicious_confidence_60% (W)
SymantecML.Attribute.HighConfidence
APEXMalicious
Paloaltogeneric.ml
GDataTrojan.GenericKD.43188018
KasperskyHEUR:Trojan-Banker.MSIL.ClipBanker.gen
AlibabaTrojanBanker:MSIL/ClipBanker.4dd22ff3
TencentMsil.Worm.Agent.Ljti
Ad-AwareTrojan.GenericKD.43188018
EmsisoftTrojan.GenericKD.43188018 (B)
ComodoMalware@#35r600dwtz8np
F-SecureWorm.WORM/Agent.xehxt
DrWebTrojan.AutorunNET.1
TrendMicroTrojanSpy.MSIL.CLIPBANKER.SM
McAfee-GW-EditionRDN/PWS-Banker
SophosMal/Generic-S
IkarusTrojan.MSIL.ClipBanker
AviraWORM/Agent.xehxt
ArcabitTrojan.Generic.D292FF32
AegisLabTrojan.MSIL.ClipBanker.7!c
ZoneAlarmHEUR:Trojan-Banker.MSIL.ClipBanker.gen
MicrosoftTrojan:MSIL/ClipBanker.GG!MTB
BitDefenderThetaGen:NN.ZemsilF.34110.am0@aejxGqn
ALYacTrojan.GenericKD.43188018
MAXmalware (ai score=88)
MalwarebytesTrojan.BitCoinClipStealer
PandaTrj/GdSda.A
ESET-NOD32a variant of MSIL/Agent.GX
TrendMicro-HouseCallTrojanSpy.MSIL.CLIPBANKER.SM
RisingWorm.Agent!8.25 (CLOUD)
SentinelOneDFI – Malicious PE
FortinetMSIL/ClipBanker.LT!tr
WebrootW32.Trojan.Gen
AVGWin32:TrojanX-gen [Trj]
AvastWin32:TrojanX-gen [Trj]
Qihoo-360Generic/Trojan.f6f

How to remove Trojan.BitCoinClipStealer?

Trojan.BitCoinClipStealer removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment