About "Trojan-Downloader.Win32.Tovkater.cyxn" infection

The Trojan-Downloader.Win32.Tovkater.cyxn is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan-Downloader.Win32.Tovkater.cyxn virus can do?

Possible date expiration check, exits too soon after checking local time
Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
Behavior consistent with a dropper attempting to download the next stage.
Anomalous binary characteristics

Related domains:

midnigntstranger.top

backverge.top

How to determine Trojan-Downloader.Win32.Tovkater.cyxn?


File Info:
crc32: 7AB04A75
md5: 11e5fe29d2752aae4e231b6c8fe8a5ff
name: 11E5FE29D2752AAE4E231B6C8FE8A5FF.mlw
sha1: dca4d7ed9f5d3de946c8751eee66d52caaa7d182
sha256: 0977d623e4caf9bdd384b2cacc667a9427242148b19e18a930d3bbf5f727a13b
sha512: 0629d0692e519c4ece4e1dbc9e7a8bf1e97ba72e90029a41537575e6a23c6ae97eaf2929d09401930b61d82e134c07c709f12533daaab5f257bc7e35c1dc6c5e
ssdeep: 24576:ayoH+dzexq/2nAzMwakYwxn4uMzzTIrtXoWUKlK/cylIcPzfzwGriX8xkY:ESSo/2nAzua4dgUKlKlfxriMKY
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:
LegalCopyright: cvbjtgqxjwnryhry ertjfyujvwdyetxEl BARTA. All rights reserved.
FileVersion: 352.4441.4.6
CompanyName: hvbnthwxhbsrtbry cvbnvbnmmgwgtr gerthmBRAZZERS
Comments: fghgyjezgndryhdry fgjhvfgjhjherbforce Installs software 32
ProductName: fertykzrfdsrhry dfghdfghhiforce4 NSIS 3 easy installer
ProductVersion: 864.6534.74.9
Translation: 0x0409 0x04b0

Trojan-Downloader.Win32.Tovkater.cyxn also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan-Downloader ( 0052d8561 )
DrWeb	Trojan.InstallMonster.2637
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Bulz.495867
Cylance	Unsafe
Zillya	Downloader.Tovkater.Win32.875
Sangfor	Trojan.Win32.Tovkater.IL
CrowdStrike	win/malicious_confidence_90% (D)
K7GW	Trojan-Downloader ( 0052d8561 )
Cybereason	malicious.9d2752
Cyren	W32/Tovkater.AB.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/TrojanDownloader.Tovkater.IL
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Dropper.Tovkater-6646885-0
Kaspersky	Trojan-Downloader.Win32.Tovkater.cyxn
BitDefender	Gen:Variant.Bulz.495867
NANO-Antivirus	Trojan.Win32.Tovkater.eybrqq
MicroWorld-eScan	Gen:Variant.Bulz.495867
Ad-Aware	Gen:Variant.Bulz.495867
Sophos	Mal/Generic-S
Comodo	TrojWare.Win32.TrojanDownloader.Tovkater.GC@7jimpe
BitDefenderTheta	Gen:NN.ZexaF.34236.@@Z@a4DaLMm
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0DJG21
McAfee-GW-Edition	BehavesLike.Win32.ICLoader.tc
FireEye	Generic.mg.11e5fe29d2752aae
Emsisoft	Gen:Variant.Bulz.495867 (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1117983
Antiy-AVL	Trojan/Generic.ASMalwS.34834DE
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Bulz.495867
Acronis	suspicious
McAfee	Artemis!11E5FE29D275
MAX	malware (ai score=98)
VBA32	Trojan.InstallMonster
Malwarebytes	Trojan.Downloader
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R002C0DJG21
Yandex	Trojan.DL.Tovkater!Q9WRXSHbaIM
Ikarus	Trojan-Downloader.Win32.Tovkater
Fortinet	W32/Tovkater.IA!tr.dldr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Trojan-Downloader.Win32.Tovkater.cyxn?

Trojan-Downloader.Win32.Tovkater.cyxn removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Trojan-Downloader.Win32.Tovkater.cyxn” infection