Trojan-Downloader.Win32.Deyma.bmy malicious file

Trojan-Downloader.Win32.Deyma.bmy is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Deyma.bmy virus do?

  • Executable code extraction
  • Creates RWX memory
  • Attempts to connect to a dead IP:Port (5 unique times)
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Uses Windows utilities for basic functionality
  • A process attempted to delay the analysis task by a long amount of time
  • Installs itself for autorun at Windows startup
  • Attempts to identify installed AV products by installation directory
  • Creates a copy of itself
  • Collects information to fingerprint the system

Related domains:

cpaglobal.cloud
searchtool.space
tradingsignals.club
www.cpaglobal.cloud
www.tradingsignals.club

How to identify Trojan-Downloader.Win32.Deyma.bmy?

File Info:

crc32: CE6BF9EB
md5: f0d8f5b7a0e01207efc16af30462944c
name: 2.scr
sha1: d88c5e5e26fcd85c858d559dd072b62f5073a4dc
sha256: ffd4f5794b4fac1f47e93f1c15f2b895171266851fd5cae649e139719e727dc3
sha512: fb83f98d93291b0610d3ebb22285e4e6cb17c17c80aeaff47264d8053fd36695d10f6afb73df144453c0e5677390aa287391695f04498468bd81c9dca4c3b6f4
ssdeep: 1536:aUWJw1Lc+njx9H7T4tWoYDUEkU+7CEzv/4FFRfWNBqgIGyWTaWVh9gegUHHxAy86:uJKLdeTzo7pNWTFh9g5nZmhM+
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Trojan-Downloader.Win32.Deyma.bmy also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.43540614
CAT-QuickHeal: Trojan.CKGENERIC
ALYac: Trojan.Downloader.Deyma.A
Malwarebytes: Trojan.Injector
Sangfor: Malware
K7AntiVirus: Trojan-Downloader ( 0053f96f1 )
BitDefender: Trojan.GenericKD.43540614
K7GW: Trojan-Downloader ( 0053f96f1 )
Cybereason: malicious.7a0e01
Invincea: Mal/Generic-S + Troj/Amadey-I
BitDefenderTheta: Gen:NN.ZexaF.34590.kuW@aeaCsbe
Cyren: W32/Trojan.ASJB-1328
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Agent.EGF
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Downloader.Win32.Deyma.bmy
Alibaba: TrojanDownloader:Win32/Deyma.022d4090
NANO-Antivirus: Virus.Win32.Gen.ccmw
ViRobot: Trojan.Win32.Z.Agent.163840.CUH
Tencent: Win32.Trojan-downloader.Deyma.Eddo
Ad-Aware: Trojan.GenericKD.43540614
Sophos: Troj/Amadey-I
Comodo: Malware@#2hi265uztakdz
F-Secure: Trojan.TR/AD.Zlob.xduth
DrWeb: Trojan.SpyBot.1003
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Trojan.Win32.DEYMA.AA
McAfee-GW-Edition: BehavesLike.Win32.Swisyn.cm
FireEye: Generic.mg.f0d8f5b7a0e01207
Emsisoft: Trojan.GenericKD.43540614 (B)
Webroot: W32.Trojan.Gen
Avira: TR/AD.Zlob.xduth
Antiy-AVL: Trojan[Downloader]/Win32.Deyma
Arcabit: Trojan.Generic.D2986086
AegisLab: Trojan.Win32.Deyma.a!c
ZoneAlarm: Trojan-Downloader.Win32.Deyma.bmy
GData: Win32.Trojan.Agent.CF67C0
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C4169624
Acronis: suspicious
McAfee: GenericRXLX-ZQ!F0D8F5B7A0E0
VBA32: TrojanDownloader.Deyma
Panda: Trj/WLT.F
Zoner: Trojan.Win32.94687
TrendMicro-HouseCall: Trojan.Win32.DEYMA.AA
Rising: Downloader.Agent!8.B23 (KTSE)
Yandex: Trojan.Igent.bUdjg1.1
SentinelOne: DFI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Amadey.944C!tr
AVG: Other:Malware-gen [Trj]
Avast: Other:Malware-gen [Trj]
Qihoo-360: Generic/HEUR/QVM19.1.CA6F.Malware.Gen

How to remove Trojan-Downloader.Win32.Deyma.bmy?

Trojan-Downloader.Win32.Deyma.bmy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.