
Trojan.Heur.omSfrOVW61pj removal tips


Many security experts consider Trojan.Heur.omSfrOVW61pj dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Heur.omSfrOVW61pj virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Heur.omSfrOVW61pj?


File Info:

name: AEE1624D075D132C9432.mlw
path: /opt/CAPEv2/storage/binaries/066d464859adec8d5c87279c44de1901ff35ecb4bcebe6696bd418a4909c72df
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Background Intelligent Transfer Services
FileVersion: 6.6.3791.1832
InternalName: qmgr32.dll
LegalCopyright: (C) Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: qmgr32.dll
ProductName: Microsoft(R) Windows(R) Operating System
ProductVersion: 6.6.3791.1831
Translation: 0x0804 0x03a8

Trojan.Heur.omSfrOVW61pj also known as:

Lionic: Trojan.Win32.Delf.a!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Trojan.Heur.omSfrOVW61pj
FireEye: Generic.mg.aee1624d075d132c
Skyhigh: BehavesLike.Win32.PWSQQPass.dc
McAfee: Artemis!AEE1624D075D
Cylance: unsafe
VIPRE: Gen:Trojan.Heur.omSfrOVW61pj
Sangfor: Trojan.Win32.Delf.mt
K7AntiVirus: Trojan ( 005376ae1 )
Alibaba: TrojanDownloader:Win32/Generic.0f2b358b
K7GW: Trojan ( 005376ae1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Delf.BBW
APEX: Malicious
TrendMicro-HouseCall: TROJ_DELF.GAG
Avast: Win32:Downloader-BGE [Trj]
Kaspersky: Trojan-Downloader.Win32.Delf.bbw
BitDefender: Gen:Trojan.Heur.omSfrOVW61pj
NANO-Antivirus: Trojan.Win32.Delf.wtta
Tencent: Malware.Win32.Gencirc.13f82cf8
Emsisoft: Gen:Trojan.Heur.omSfrOVW61pj (B)
F-Secure: Trojan.TR/Crypt.FKM.Gen
DrWeb: Trojan.DownLoad.60445
Zillya: Downloader.Delf.Win32.13847
TrendMicro: TROJ_DELF.GAG
Sophos: Mal/Behav-327
Paloalto: generic.ml
MAX: malware (ai score=100)
Jiangmin: TrojanDownloader.Delf.chw
Google: Detected
Avira: TR/Crypt.FKM.Gen
Varist: W32/Downloader.EJLM-7919
Antiy-AVL: Trojan/Win32.TSGeneric
Kingsoft: Win32.Troj.Undef.a
Microsoft: TrojanDownloader:Win32/Delf
Xcitium: TrojWare.Win32.TrojanDownloader.Delf.BBW@ap23
Arcabit: Trojan.Heur.omSfrOVW61pj
ViRobot: Spyware.Crypt.Agent.230400
ZoneAlarm: Trojan-Downloader.Win32.Delf.bbw
GData: Gen:Trojan.Heur.omSfrOVW61pj
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.R113516
BitDefenderTheta: AI:Packer.29B644F91C
ALYac: Gen:Trojan.Heur.omSfrOVW61pj
VBA32: TScope.Trojan.Delf
Panda: Trj/Genetic.gen
Rising: Malware.Undefined!8.C (TFE:5:skXj9mSj7TO)
Yandex: Trojan.GenAsa!FhheAxpX6x4
Ikarus: Trojan-Downloader.Win32.Delf.bbw
MaxSecure: Trojan.Malware.470370.susgen
Fortinet: W32/Delf.BBW!tr.dldr
AVG: Win32:Downloader-BGE [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Worm:Win/Delf.BBW

How to remove Trojan.Heur.omSfrOVW61pj?

Trojan.Heur.omSfrOVW61pj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
