Trojan

How to remove “Trojan-PSW.Win32.Azorult.amoe”?

Malware Removal

The Trojan-PSW.Win32.Azorult.amoe is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan-PSW.Win32.Azorult.amoe virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to determine Trojan-PSW.Win32.Azorult.amoe?



File Info:

crc32: B8A50C9A
md5: 4cd18aa1b33a5bdb95e9b4c26da611e7
name: ibu.exe
sha1: 8339ee0afdcb375b77a23c8769b46e7771217922
sha256: a9ab2e5373189aeb4015cc4288e96264b46f77954a12f6e1bfc9c92065e06f14
sha512: 66f709484f62df5cdef69d635930efad250457b463822886387ab1bff642c1810e4792a8fb685a4a70c7a6f9e77d77514fc94c8b9f64d5d192f4d90a7cea2c8e
ssdeep: 24576:TAHnh+eWsN3skA4RV1Hom2KXSmdaOphtk2VGnjFIDhugHai4Z7AXPm815:eh+ZkldoPKi2aOm26ZIaDZ7Eh
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

Translation: 0x0809 0x04b0

Trojan-PSW.Win32.Azorult.amoe also known as:

BkavW32.AIDetectVM.malware2
MicroWorld-eScanTrojan.GenericKD.42834126
Qihoo-360Generic/HEUR/QVM10.2.C87D.Malware.Gen
McAfeeArtemis!4CD18AA1B33A
CylanceUnsafe
AegisLabHacktool.Win32.Gamehack.3!e
SangforMalware
K7AntiVirusTrojan ( 005621c31 )
BitDefenderTrojan.GenericKD.42834126
K7GWTrojan ( 005621c31 )
CrowdStrikewin/malicious_confidence_90% (W)
TrendMicroTrojan.Win32.MALREP.THCAOBO
CyrenW32/AutoIt.KF.gen!Eldorado
SymantecPacked.Generic.548
ESET-NOD32a variant of Win32/Injector.Autoit.FDP
APEXMalicious
Paloaltogeneric.ml
KasperskyTrojan-PSW.Win32.Azorult.amoe
AlibabaTrojan:Win32/Injector.9a98cd17
NANO-AntivirusTrojan.Win32.Azorult.hezzsu
TencentWin32.Trojan-qqpass.Qqrob.Phgr
Endgamemalicious (high confidence)
EmsisoftTrojan.GenericKD.42834126 (B)
F-SecureTrojan.TR/AD.MoksSteal.gohwe
DrWebTrojan.PWS.Siggen2.44628
Invinceaheuristic
McAfee-GW-EditionBehavesLike.Win32.TrojanAitInject.tc
FortinetAutoIt/Injector.FDH!tr
Trapminesuspicious.low.ml.score
FireEyeGeneric.mg.4cd18aa1b33a5bdb
SophosMal/Generic-S
IkarusTrojan-Spy.HawkEye
F-ProtW32/AutoIt.KF.gen!Eldorado
AviraTR/AD.MoksSteal.gohwe
MAXmalware (ai score=85)
ArcabitTrojan.Generic.D28D98CE
ZoneAlarmTrojan-PSW.Win32.Azorult.amoe
MicrosoftTrojan:AutoIt/Injector.J!rfn
AhnLab-V3Win-Trojan/AutoInj.Exp
VBA32Trojan.Wacatac
ALYacTrojan.GenericKD.42834126
Ad-AwareTrojan.GenericKD.42834126
MalwarebytesTrojan.MalPack.AutoIt
PandaTrj/CI.A
TrendMicro-HouseCallTrojan.Win32.MALREP.THCAOBO
eGambitUnsafe.AI_Score_99%
GDataTrojan.GenericKD.42834126
AVGScript:SNH-gen [Trj]
Cybereasonmalicious.afdcb3
AvastScript:SNH-gen [Trj]
MaxSecureTrojan.Malware.300983.susgen

How to remove Trojan-PSW.Win32.Azorult.amoe?

Trojan-PSW.Win32.Azorult.amoe removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment