How to remove “Trojan-Downloader.Win32.Banload.ablkh”?

The Trojan-Downloader.Win32.Banload.ablkh is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Banload.ablkh virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Attempts to repeatedly call a single API many times in order to delay analysis time

Related domains:

download.rallyesim.fr

How to identify Trojan-Downloader.Win32.Banload.ablkh?

File Info:

crc32: 3D149692
md5: 716209446effa072d14c94aaf1dbfbec
name: depannagersrbr.exe
sha1: ba5a4fe9f5a9b14e9eae5fdeb527b4195cbb8a59
sha256: 4e4c730e864c3e0e4887cca3ec5075ef216f6a6eba8ca0b1c71da8c735b25ef8
sha512: 6a39680943a16857db3388146abb6e62ea9461ba3a6f30f85bf1f83f9d6acb3600e827c71e7216df255f0b83c472c95138037459e1e14f2576c38d521a84a98d
ssdeep: 24576:PDAcK/yA8MfVDexiv0JiVf7Pi/HjCWdXLhepQQtUOxkTaT9fSN:mhfBexYf76/jrZh+QKUOLpQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2012, Russell Peters
InternalName: ZMSFX_ver.exe
FileVersion: 1.9.0.0031
CompanyName: DelphiZip
LegalTrademarks:
Comments: DelphiZip Self Extractor
ProductName: ZipMaster.ZMSFX_ver
ProductVersion: 1.9.0
FileDescription: Zip Self Extractor
OriginalFilename: ZMSFX_ver.exe
Translation: 0x0409 0x04e4

Trojan-Downloader.Win32.Banload.ablkh is also known as:

CAT-QuickHeal: TrojanDownloader.Banload
McAfee: Artemis!716209446EFF
Cylance: Unsafe
Sangfor: Malware
Kaspersky: Trojan-Downloader.Win32.Banload.ablkh
Alibaba: TrojanDownloader:Win32/Banload.8da2e32a
NANO-Antivirus: Trojan.Win32.Banload.evmccu
AegisLab: Trojan.Win32.Banload.a!c
Tencent: Win32.Trojan-downloader.Banload.Afhi
Zillya: Downloader.Banload.Win32.85069
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Jiangmin: Trojan/Generic.bikef
ZoneAlarm: Trojan-Downloader.Win32.Banload.ablkh
Microsoft: Trojan:Win32/Zpevdo.A
VBA32: BScope.TrojanDownloader.Banload
TrendMicro-HouseCall: TROJ_GEN.R002H07BH20
SentinelOne: DFI – Suspicious PE
MaxSecure: Trojan.Malware.1728101.susgen
AVG: FileRepMalware
CrowdStrike: win/malicious_confidence_60% (W)
Qihoo-360: Win32/Trojan.Downloader.bab

How to remove Trojan-Downloader.Win32.Banload.ablkh?

Trojan-Downloader.Win32.Banload.ablkh removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.