What is “Trojan-Downloader.Win32.Adload.tnyb”?

Trojan-Downloader.Win32.Adload.tnyb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Adload.tnyb virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan-Downloader.Win32.Adload.tnyb?


File Info:

name: 2DBC7E666FBEC8762C0B.mlw
path: /opt/CAPEv2/storage/binaries/c791497ad66fe402974c722383875b1313b9f2627092494f5cbae2e4ad78662e
crc32: EC547854
md5: 2dbc7e666fbec8762c0bf1683ef256ec
sha1: a9c9aa1b9e8fb562afeed0f73908f84410b45ca1
sha256: c791497ad66fe402974c722383875b1313b9f2627092494f5cbae2e4ad78662e
sha512: fcfdacbb0b8b5cf8f80ab65aa10a4dfa3f02233e3be5aa7b2d7340b88849036ea6684bac4d0d8e16fa295efee8fda958305a1e3f3334951adbb17bf01a6c0fb3
ssdeep: 98304:q+lfYiU6eCMabk0a1gIdBavaQIOQojUsPHvL30KcngBwGcS:nYiUtCZkbTmIpoHvL30KcnzRS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E92633243DA46479F0320CF56C7BC60A66F0B0BA993850B9B718F5EC6F7F0585629BC6
sha3_384: ee8c296423ce25badbcdfc1e769edfbb6d19cbcfe4cd9a7faeb72c9100bffe7419e6d5574a1577456f44ae7e8f33be6c
ep_bytes: 558bec83c4cc53565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Ea Setup
FileVersion:
LegalCopyright:
Translation: 0x0409 0x04e4

Trojan-Downloader.Win32.Adload.tnyb also known as:

McAfee: Artemis!2DBC7E666FBE
Cylance: Unsafe
K7AntiVirus: Trojan ( 005722fe1 )
Alibaba: AdWare:Win32/AdLoad.a90adac7
K7GW: Trojan ( 005722fe1 )
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
Kaspersky: Trojan-Downloader.Win32.Adload.tnyb
Avast: Win32:AdwareX-gen [Adw]
DrWeb: Trojan.DownLoader44.13041
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
Jiangmin: TrojanDownloader.Adload.aiod
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Win32.Backdoor.Bodelph.SY2C1P
Malwarebytes: Adware.DownloadAssistant
TrendMicro-HouseCall: TROJ_GEN.R002H0DL821
Yandex: Trojan.Igent.bW5sK5.8
Fortinet: Riskware/Agent
Webroot: W32.Trojan.Gen
AVG: Win32:AdwareX-gen [Adw]

How to remove Trojan-Downloader.Win32.Adload.tnyb?

Trojan-Downloader.Win32.Adload.tnyb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
