Trojan-Downloader.Win32.Small.faqv removal

Many security experts consider Trojan-Downloader.Win32.Small.faqv dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Small.faqv virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Network anomalies occurred during the analysis
  • Starts servers listening on :0, 0.0.0.0:22849
  • Enumerates running processes
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to access Bitcoin/ALTCoin wallets

How to identify Trojan-Downloader.Win32.Small.faqv?


File Info:

name: B71545552D3AD0B0E7F5.mlw
path: /opt/CAPEv2/storage/binaries/9077e68d0b1e616db5076d38f36142e171ded3ffe9df4fd461ea9f092322b053
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2018-09-15 20:55:08

Version Info:

CompanyName: Fdex
FileDescription: fdexd (OSS daemon/client for Fdex)
FileVersion: 1.0.2.0
InternalName: fdexd
LegalCopyright: 2009-2018 The Bitcoin Core Developers, 2014-2018 The Dash Core Developers, 2015-2018 The PIVX Core Developers, 2017-2018 The Fdex Core Developers
LegalTrademarks1: Distributed under the MIT/X11 software license, see the accompanying file COPYING or http://www.opensource.org/licenses/mit-license.php.
OriginalFilename: fdexd.exe
ProductName: fdexd
ProductVersion: 1.0.2.0
Translation: 0x0000 0x04e4

Trojan-Downloader.Win32.Small.faqv also known as:

Lionic: Trojan.Win32.Small.4!c
Alibaba: TrojanDownloader:Win32/Generic.5ca76bfd
Cyren: W32/Trojan.JMBJ-0617
Symantec: ML.Attribute.HighConfidence
Kaspersky: Trojan-Downloader.Win32.Small.faqv
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-downloader.Small.Pdlt
Zillya: Downloader.Small.Win32.138532
McAfee-GW-Edition: BehavesLike.Win32.Dropper.vh
Sophos: Bitcoin Miner (PUA)
Microsoft: Trojan:Win32/Zpevdo.B
McAfee: Artemis!B71545552D3A
VBA32: BScope.TrojanDownloader.Small
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CA422
Rising: Downloader.Small!8.B41 (CLOUD)
Fortinet: W32/Small.FAQV!tr.dldr
AVG: Win32:Malware-gen
Cybereason: malicious.7fb07a
Panda: Trj/GdSda.A

How to remove Trojan-Downloader.Win32.Small.faqv?

Trojan-Downloader.Win32.Small.faqv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
