Trojan-Dropper.Win32.Dinwod.yze removal guide

Trojan-Dropper.Win32.Dinwod.yze is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to run a complete scan and cure your PC.
A 6-day free trial is available.

What can the Trojan-Dropper.Win32.Dinwod.yze virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk

How to identify Trojan-Dropper.Win32.Dinwod.yze?


File Info:

name: F687A0A3D2721AE80EED.mlw
path: /opt/CAPEv2/storage/binaries/0047797ee3de92e91cc533efb34a27300c2f4e1a8335209d8a988c0dbb162817
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Ruby Software
FileDescription: Alternative RunOnceEx Setup
FileVersion: 1.0.0.2
LegalCopyright: Copyright© 2008, Ruby Software
Translation: 0x0409 0x04e4

Trojan-Dropper.Win32.Dinwod.yze also known as:

Skyhigh: Artemis
McAfee: Artemis!F687A0A3D272
Alibaba: TrojanDropper:Win32/Dinwod.0faee73f
Kaspersky: Trojan-Dropper.Win32.Dinwod.yze
Tencent: Win32.Trojan-Dropper.Dinwod.Kzfl
Jiangmin: TrojanDropper.Dinwod.bvr
Antiy-AVL: Trojan[Dropper]/Win32.Dinwod
Kingsoft: Win32.Troj.Undef.a
Xcitium: Suspicious@#2x05d6fsltkhh
ZoneAlarm: UDS:Trojan-Dropper.Win32.Dinwod.yze
Cylance: unsafe
Panda: PUP/Generic
Rising: Trojan.Generic@AI.85 (RDML:BZvKXO9+zkLNGJSaJDCiPQ)
MaxSecure: Trojan.Malware.186641070.susgen

How to remove Trojan-Dropper.Win32.Dinwod.yze?

Trojan-Dropper.Win32.Dinwod.yze removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
