Trojan.GenericPMF.S32612790 malicious file

Malware Removal

Trojan.GenericPMF.S32612790 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.GenericPMF.S32612790 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics

How to identify Trojan.GenericPMF.S32612790?


File Info:

name: A33584A617F47767F850.mlw
path: /opt/CAPEv2/storage/binaries/2cebddc6f96c1806e1544a25281e2bad1ac610b4b717f9c607e0273bc35764d1
crc32: CB184DE8
md5: a33584a617f47767f8500802065d3bae
sha1: 88a529280da34c4d75565559a7118f8bbcdd8a5d
sha256: 2cebddc6f96c1806e1544a25281e2bad1ac610b4b717f9c607e0273bc35764d1
sha512: 80bedba2104b7a271d46bb06899a94b54b37583bfcea6c3cbc43a47fde16b05e84589df84016f32ad1ff95206e991384d79a5f9d45858b5954d2e72fceed38b3
ssdeep: 6144:/7namNE/XwwCleWdpQEOEEwmBFunb0AAO/kQlSHOxQz:LamSANleWduyE03ZkKuOx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E9648C02BBC2C432D17305324ABAE2654ABDB9702D31865F63F84A2DDE74591BA31F77
sha3_384: f8cc75993b9fa4eee8990cc5a1a888e4cfbae5cbcd305f3d9979896183d14aade046f1b089fb71c505b3327b12b4765a
ep_bytes: e860060000e98efeffffff252c824300
timestamp: 2024-02-01 15:00:32

Version Info:

FileDescription: Setup Downloader
FileVersion: 0.1.0.4
InternalName: download
LegalCopyright: Copyright (C) 2021 Yandex LLC
OriginalFilename: downloader.exe
ProductName: Setup Downloader
ProductVersion: 0.1.0.4
Translation: 0x0419 0x04b0

Trojan.GenericPMF.S32612790 also known as:

Bkav: W32.Common.BCA579EF
Lionic: Trojan.Win32.Yandex.4!c
CAT-QuickHeal: Trojan.GenericPMF.S32612790
Malwarebytes: PUP.Optional.Downloader
Sangfor: PUP.Win32.Yandex.Vr6n
K7AntiVirus: Unwanted-Program ( 0056626f1 )
K7GW: Unwanted-Program ( 0056626f1 )
ESET-NOD32: a variant of Win32/Yandex.K potentially unwanted
Google: Detected
Varist: W32/ABRisk.UTPR-4429
Antiy-AVL: GrayWare/Win32.Yandex
Microsoft: PUABundler:Win32/YandexBundled
Cylance: unsafe
Ikarus: PUA.Yandex
Fortinet: Riskware/Yandex
DeepInstinct: MALICIOUS

How to remove Trojan.GenericPMF.S32612790?

Trojan.GenericPMF.S32612790 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
