
Trojan-Downloader.Win32.Adload.tnmy removal


Trojan-Downloader.Win32.Adload.tnmy is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Adload.tnmy virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan-Downloader.Win32.Adload.tnmy?


File Info:

name: 09388C391C86209AF0CF.mlw
path: /opt/CAPEv2/storage/binaries/a78180f9e0a16a08999de831d7ef5ea8aaa036eb41f6f94d88b4b0927d654d80
crc32: 9EF9AF63
md5: 09388c391c86209af0cf18f72cc77d09
sha1: d76baab21166e8da0382bcb9c24400d8ed8ccf67
sha256: a78180f9e0a16a08999de831d7ef5ea8aaa036eb41f6f94d88b4b0927d654d80
sha512: c6e99984b9189f2ed267cc4a608c22600a38b4c8bb243978850c2431db53ce463e4e3a212d71932cfd5441fd4d3c98823ab9e15684629f4f4e58a5a47f5c7e48
ssdeep: 98304:M4xtaBpblgRouDB8OAsuTyBaIlHT7Bg/Mo2j6mKM8/RR/DOGrgmTGHf1m7xnflat:9jaBRSRoubFGGf31j6mKhj/N7xnfgt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F42633204285A436EC14EBB5AE706C3E773179610A91977953EEFF8E1BB308CF939254
sha3_384: c6eb3f22c9c20a80326a28cdf2320b537b438509e8b4e28a4d8b7a6e873505501eb08367ee638c16c8dfdab7a9101402
ep_bytes: 558bec83c4cc53565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Iusto Setup
FileVersion:
LegalCopyright:
Translation: 0x0409 0x04e4

Trojan-Downloader.Win32.Adload.tnmy also known as:

Lionic: Trojan.Win32.Adload.a!c
Malwarebytes: Adware.DownloadAssistant
K7AntiVirus: Trojan ( 005722f11 )
Alibaba: AdWare:Win32/AdLoad.abe2932f
K7GW: Trojan ( 005722f11 )
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
TrendMicro-HouseCall: TROJ_GEN.R002H0CL621
Paloalto: generic.ml
Kaspersky: Trojan-Downloader.Win32.Adload.tnmy
Sophos: Mal/Generic-S
GData: Win32.Backdoor.Bodelph.DBI07C
Jiangmin: TrojanDownloader.Adload.aina
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!09388C391C86
VBA32: TrojanDownloader.Adload
Fortinet: Riskware/Agent

How to remove Trojan-Downloader.Win32.Adload.tnmy?

Trojan-Downloader.Win32.Adload.tnmy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
