Trojan-PSW.Win32.Mimikatz.vho removal tips

Trojan-PSW.Win32.Mimikatz.vho is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-PSW.Win32.Mimikatz.vho virus do?

  • Presents an Authenticode digital signature
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX

How to determine Trojan-PSW.Win32.Mimikatz.vho?


File Info:

crc32: D85382D2
md5: 1ca251fd062f6114433bb11a36ee55fa
name: bmmotor.exe
sha1: 8e6ee8332d3bfc1adeb1021e72046abb57f2a58e
sha256: 7734e3afb7d4156a0330c0df8edbebbf9ba08173ce401b9a96a482f78f9e5b3f
sha512: 8c2b12447a3a51177638692d3dbf82c61f967b4b2d5d095e2e2d5d3cba8b59e66acc1aa4d165efb395ac93eaf8e8479427a40382dd3df689e1160e58c97fd7f5
ssdeep: 24576:CVXidc/RUsJM9rkgVfb+BGVd3OkKEX9X/6xUU7sOJL4Ztt22:Oiy7JM9gktD3JtAxUU/J09
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright (C) 2017
InternalName: DesktopLauncher.exe
FileVersion: 2019.10.31.1926
CompanyName: 吉胜科技
ProductName: 桌面管理客户端
ProductVersion: 7.3.0.9
FileDescription: 桌面管理客户端
OriginalFilename: DesktopLauncher.exe
Translation: 0x0804 0x04b0

Trojan-PSW.Win32.Mimikatz.vho also known as:

Qihoo-360: Win32/Trojan.PSW.6cf
McAfee: Artemis!1CA251FD062F
Cylance: Unsafe
Kaspersky: HEUR:Trojan-PSW.Win32.Mimikatz.vho
AegisLab: Trojan.Win32.Mimikatz.i!c
Rising: Malware.Strealer!8.1EF (CLOUD)
Zillya: Trojan.Mimikatz.Win32.625
McAfee-GW-Edition: Artemis!Trojan
Jiangmin: Trojan.PSW.Mimikatz.bcq
Antiy-AVL: Trojan/Win32.Tiggre
ZoneAlarm: HEUR:Trojan-PSW.Win32.Mimikatz.vho
AhnLab-V3: Malware/Gen.Generic.C2992359
VBA32: BScope.TrojanPSW.Mimikatz
SentinelOne: DFI – Suspicious PE

How to remove Trojan-PSW.Win32.Mimikatz.vho?

Trojan-PSW.Win32.Mimikatz.vho removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
