Trojan

Trojan-PSW.Win32.Disco.hmu (file analysis)

Malware Removal

The Trojan-PSW.Win32.Disco.hmu is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan-PSW.Win32.Disco.hmu virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to determine Trojan-PSW.Win32.Disco.hmu?



File Info:

name: 02A637B277A5C5BBD66A.mlw
path: /opt/CAPEv2/storage/binaries/639822f6cce8943337834e6de515b7782715d545c60a9d681258885a2d694a0b
crc32: 418E02A3
md5: 02a637b277a5c5bbd66ae754a7c75803
sha1: df18c02dc481500a49cd9f840c41a2912f64d5a3
sha256: 639822f6cce8943337834e6de515b7782715d545c60a9d681258885a2d694a0b
sha512: 4032931da3c9289871ec1d4b824f843bf93be33d65a387307e37ee45539d7d335304ceaf2e9d4d3aa86960303a4dfe2b54a016087388d6838f6694f61461b395
ssdeep: 49152:+HMAjcj3ELHEreVBBvcilONyuSqXze4SmPTV4E:+sAjcjyEhdHSe
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T146957E4BA3B400FDD1A7C179C9465607EBB2B416176097DF16D08A6A2F63BE21F7E320
sha3_384: fb012a0d8454b2a672f6d796fe7d9087a8445cbbcb1a5ca5288d96cad95377686a73144ad8219844633eb3cb1f78cc50
ep_bytes: 4883ec28e87b0500004883c428e97afe
timestamp: 2021-11-24 19:02:49


Version Info:

0: [No Data]

Trojan-PSW.Win32.Disco.hmu also known as:

LionicTrojan.Win32.Disco.i!c
MicroWorld-eScanTrojan.GenericKD.47486946
FireEyeTrojan.GenericKD.47486946
ALYacTrojan.GenericKD.47486946
K7AntiVirusPassword-Stealer ( 0058b20e1 )
AlibabaTrojanPSW:Win32/Disco.0500b8a0
K7GWPassword-Stealer ( 0058b20e1 )
CyrenW64/Agent.DUX.gen!Eldorado
SymantecTrojan.Gen.MBT
ESET-NOD32a variant of Win64/PSW.Agent.BI
TrendMicro-HouseCallTROJ_GEN.R002C0WKR21
KasperskyTrojan-PSW.Win32.Disco.hmu
BitDefenderTrojan.GenericKD.47486946
AvastWin64:Malware-gen
TencentWin32.Trojan-qqpass.Qqrob.Eok
Ad-AwareTrojan.GenericKD.47486946
EmsisoftTrojan.GenericKD.47486946 (B)
TrendMicroTROJ_GEN.R002C0WKR21
McAfee-GW-EditionBehavesLike.Win64.CoinMiner.th
SophosMal/Generic-S
APEXMalicious
GDataTrojan.GenericKD.47486946
JiangminTrojan.PSW.Disco.cgw
McAfeeGenericRXAA-AA!02A637B277A5
MAXmalware (ai score=81)
MalwarebytesMalware.AI.1066586327
YandexTrojan.PWS.Disco!+Xdylb4qUeI
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/PossibleThreat
AVGWin64:Malware-gen
Cybereasonmalicious.dc4815
PandaTrj/CI.A

How to remove Trojan-PSW.Win32.Disco.hmu?

Trojan-PSW.Win32.Disco.hmu removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment