Trojan.Genome.gb removal

Trojan.Genome.gb is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Genome.gb virus do?

  • A file was accessed within the Public folder.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Genome.gb?

File Info:

name: 81979271FB0E5F1D5D3C.mlw
path: /opt/CAPEv2/storage/binaries/ec26ecc37e4a209a561452127f1e2aff487ff38e37d3ca4b03ef54103190633f
crc32: 3962D34B
md5: 81979271fb0e5f1d5d3c0603bad5595a
sha1: 46771da3314e0f00e8bf7bf0ead300cd381439b9
sha256: ec26ecc37e4a209a561452127f1e2aff487ff38e37d3ca4b03ef54103190633f
sha512: 2597f95e3f9564efab65fec1f6f5b7f74f11e43f6d0fcb7ec6552a4a9000e8ce2b429c41b3ebd7e27d7f9a39059ea139092aeb040ec70fc52d97019fdf15ea89
ssdeep: 49152:tKe3ebbWaWNsIEjTQRiBc+tBhTR+1yy5D1WU2yc7zEtqBYl9lRZvWflFkH:MeubbWaWNyQIIx552j3EtFZvW4
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T119B5F01623A04C2ED52217F0986916E7DBE56F530A6BF472B648A69B3433773F334D0A
sha3_384: 171c56349ec8161241d9a8dc45255e0fd6f0d6de3c783c275bee25fdeaab9e11ab9633851cb94cad94b4751cca0ea389
ep_bytes: 83ec4456ff15782040008bf085f67508
timestamp: 2006-08-02 08:47:39

Version Info:

Comments:
CompanyName:
FileDescription: DuDu Speed Setup
FileVersion: 5, 0, 0, 6
InternalName: DuDu Speed
LegalCopyright: Copyright 2006
LegalTrademarks:
OriginalFilename: Setup.exe
PrivateBuild:
ProductName: Setup
ProductVersion: 5, 0, 0, 6
SpecialBuild:
Translation: 0x0409 0x04b0

Trojan.Genome.gb also known as:

Bkav: W32.Common.7B855498
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.V9bk
Symantec: Adware.GAIN
Elastic: malicious (moderate confidence)
APEX: Malicious
NANO-Antivirus: Trojan.Win32.Dloader.odaqa
Avast: Win32:Adware-gen [Adw]
Trapmine: malicious.moderate.ml.score
Sophos: Generic Reputation PUA (PUA)
Ikarus: Trojan.Win32.Dm
Antiy-AVL: Trojan/Win32.Sabsik
Microsoft: Program:Win32/Wacapew.C!ml
Google: Detected
VBA32: Trojan.Genome.gb
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Application
AVG: Win32:Adware-gen [Adw]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Trojan.Genome.gb?

Trojan.Genome.gb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” to quarantine all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.