Trojan.Heur.amGfXkKRHfk removal instructions

Trojan.Heur.amGfXkKRHfk is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Heur.amGfXkKRHfk virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Heur.amGfXkKRHfk?


File Info:

name: 7F9C4F1531929A662CCD.mlw
path: /opt/CAPEv2/storage/binaries/7bc1b0d9619692f828311e4be04f1bfc03153ec167fc9792e9b74a0d8e992ebc
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2008-01-17 22:13:16

Version Info:

0: [No Data]

Trojan.Heur.amGfXkKRHfk also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Hilldoor.a!c
AVG: Win32:Hilldoor-G [Trj]
Elastic: malicious (moderate confidence)
DrWeb: Trojan.Click.16990
MicroWorld-eScan: Gen:Trojan.Heur.amGfXkKRHfk
FireEye: Generic.mg.7f9c4f1531929a66
Skyhigh: generic!bg.ftt
McAfee: generic!bg.ftt
Malwarebytes: Generic.Malware/Suspicious
VIPRE: Gen:Trojan.Heur.amGfXkKRHfk
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 004d1b061 )
Alibaba: TrojanDownloader:Win32/Hilldoor.6735e7f4
K7GW: Trojan-Downloader ( 004d1b061 )
CrowdStrike: win/malicious_confidence_90% (D)
BitDefenderTheta: AI:Packer.B5799CBE1B
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.FakeAlert.BGX
Cynet: Malicious (score: 100)
APEX: Malicious
Avast: Win32:Hilldoor-G [Trj]
ClamAV: Win.Downloader.31058-1
Kaspersky: Trojan-Downloader.Win32.Hilldoor.b
BitDefender: Gen:Trojan.Heur.amGfXkKRHfk
NANO-Antivirus: Trojan.Win32.Click.fejjhx
SUPERAntiSpyware: Trojan.Unknown Origin
Rising: Downloader.Hilldoor!8.4726 (CLOUD)
Emsisoft: Gen:Trojan.Heur.amGfXkKRHfk (B)
F-Secure: Trojan.TR/Downloader.Gen
Zillya: Downloader.Hilldoor.Win32.4
TrendMicro: TROJ_DLOADER.FVP
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
Jiangmin: TrojanDownloader.Hilldoor.a
Avira: TR/Downloader.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Downloader]/Win32.Hilldoor
Kingsoft: Win32.Troj.Undef.a
Microsoft: TrojanDownloader:Win32/Renos
Arcabit: Trojan.Heur.amGfXkKRHfk
ViRobot: Trojan.Win32.Downloader.14336.AE
ZoneAlarm: Trojan-Downloader.Win32.Hilldoor.b
GData: Gen:Trojan.Heur.amGfXkKRHfk
Varist: W32/FakeAlert.P.gen!Eldorado
VBA32: BScope.Trojan.FakeAlert
ALYac: Gen:Trojan.Heur.amGfXkKRHfk
Cylance: unsafe
Panda: Adware/SpySheriff
TrendMicro-HouseCall: TROJ_DLOADER.FVP
Tencent: Malware.Win32.Gencirc.13c1255e
Yandex: Trojan.DL.Hilldoor!1hpfdW4n1yw
Ikarus: Trojan-PWS.Win32.WebMoner.ar
MaxSecure: Trojan.Malware.733780.susgen
Fortinet: W32/GenKryptik.CBSO!tr
Cybereason: malicious.531929
DeepInstinct: MALICIOUS
alibabacloud: Trojan[downloader]:Win/FakeAlert.BGX

How to remove Trojan.Heur.amGfXkKRHfk?

Trojan.Heur.amGfXkKRHfk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.