About “Trojan-Downloader.Win32.Wauchos.t” infection

Trojan-Downloader.Win32.Wauchos.t is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Wauchos.t virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • .NET file is packed/obfuscated with Confuser
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Trojan-Downloader.Win32.Wauchos.t?


File Info:

name: F4123E7F09961479452F.mlw
path: /opt/CAPEv2/storage/binaries/1ecdf49da74cd502fe10fc145eadcc1a72987dffae187f06507c797380949d78
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-01-12 05:16:09

Version Info:

Translation: 0x0000 0x04b0
Comments: Mega.CO.CZ API
FileDescription: mega11API
FileVersion: 2.8.0.0
InternalName: 0734375001421039723.exe
LegalCopyright: Copyright Mega.CO.CZ © 2014
OriginalFilename: 0734375001421039723.exe
ProductName: mega11API
ProductVersion: 2.8.0.0
Assembly Version: 2.8.0.0

Trojan-Downloader.Win32.Wauchos.t also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Wauchos.a!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Olock.1
CAT-QuickHeal: TrojanAPT.MsoGen.DL3
Skyhigh: GenericRXGA-GY!F4123E7F0996
ALYac: Gen:Trojan.Olock.1
Cylance: unsafe
Zillya: Downloader.Wauchos.Win32.3588
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Wauchos.b20deea3
K7GW: Trojan ( 700000121 )
K7AntiVirus: Trojan ( 700000121 )
Arcabit: Trojan.Olock.1
BitDefenderTheta: Gen:NN.ZemsilF.36680.km0@aSIzago
Symantec: Backdoor.Trojan
ESET-NOD32: Win32/TrojanDownloader.Wauchos.A
Cynet: Malicious (score: 99)
APEX: Malicious
Kaspersky: Trojan-Downloader.Win32.Wauchos.t
BitDefender: Gen:Trojan.Olock.1
NANO-Antivirus: Trojan.Win32.Wauchos.dmjlol
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.13fc8f95
Emsisoft: Gen:Trojan.Olock.1 (B)
F-Secure: Heuristic.HEUR/AGEN.1306893
DrWeb: BackDoor.Andromeda.22
VIPRE: Gen:Trojan.Olock.1
TrendMicro: TROJ_GEN.R002C0OA924
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDownloader.Wauchos.d
Webroot: W32.Trojan.GenKD
Varist: W32/Trojan.LLXD-4829
Avira: HEUR/AGEN.1306893
Antiy-AVL: Trojan[Downloader]/Win32.Apt36
Kingsoft: malware.kb.c.843
Xcitium: Malware@#2uk69sg6zsck8
Microsoft: Worm:Win32/Gamarue.F
ZoneAlarm: Trojan-Downloader.Win32.Wauchos.t
GData: Gen:Trojan.Olock.1
Google: Detected
AhnLab-V3: Trojan/Win.ZBot.C5005937
McAfee: GenericRXGA-GY!F4123E7F0996
TACHYON: Trojan-Downloader/W32.DN-Wauchos.177152
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R002C0OA924
Rising: Malware.Obfus/MSIL@AI.94 (RDM.MSIL2:E+v3wJZAdynM35NBVL21bg)
Yandex: Trojan.DL.Wauchos!fZLkC0NWyiI
Ikarus: Trojan-Downloader.Win32.Wauchos
Fortinet: MSIL/Injector.HZD!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Trojan-Downloader.Win32.Wauchos.t?

Trojan-Downloader.Win32.Wauchos.t removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
