How to remove “Trojan-PSW.Win32.Stealer.bfcu”?

Trojan-PSW.Win32.Stealer.bfcu is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan-PSW.Win32.Stealer.bfcu virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan-PSW.Win32.Stealer.bfcu?

File Info:

name: FBBC756873CD28402CAE.mlw
path: /opt/CAPEv2/storage/binaries/ae470f11d26ae289e707a9023c6bfe4286336c0ba5c803b01f01f51e4b697d93
crc32: 160F779D
md5: fbbc756873cd28402cae01a14e627a26
sha1: 097510db39defef7086025fd9653f26c7eafc668
sha256: ae470f11d26ae289e707a9023c6bfe4286336c0ba5c803b01f01f51e4b697d93
sha512: a8c01ae157023ef9cb5576ae8d93ccdaf008f1d7473df635de21b6b43856f403c462ff20abad916428248122616faa12a824cd446a80ae7a38d8affbfa5ebb10
ssdeep: 196608:nCbM3xzzELEILDTVHJack+YlGlSRRbCv2:nqYzzEwILXacJYlTFr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FB76E023A0CB1070EC6B1A3A7DF21562367E0D8CE4466CA924E47ADBB572F485E4F771
sha3_384: 565b6c4b96320d892a4d0feacfeec67b0ba4c4e9ccf90db28d600c35f3f1549c503ea539531cdd861f1383bdf6537852
ep_bytes: 5589e583ec08c7042402000000ff1590
timestamp: 2023-03-19 12:13:39

Version Info:

0: [No Data]

Trojan-PSW.Win32.Stealer.bfcu also known as:

Bkav                  W32.AIDetectMalware
Lionic                Trojan.Win32.Stealer.12!c
McAfee                Artemis!FBBC756873CD
Sangfor               Infostealer.Win32.Agent.V5zl
Alibaba               TrojanPSW:Win32/Stealer.2917863f
Cyren                 W32/ABRisk.MNHI-0862
Kaspersky             Trojan-PSW.Win32.Stealer.bfcu
Avast                 Win32:Malware-gen
Tencent               Win32.Trojan-QQPass.QQRob.Vimw
Sophos                Mal/Generic-S
Zillya                Trojan.Stealer.Win32.47723
McAfee-GW-Edition     Artemis
ZoneAlarm             Trojan-PSW.Win32.Stealer.bfcu
Google                Detected
Cylance               unsafe
TrendMicro-HouseCall  TROJ_GEN.R002H07IH23
Fortinet              W32/PossibleThreat
AVG                   Win32:Malware-gen
DeepInstinct          MALICIOUS

How to remove Trojan-PSW.Win32.Stealer.bfcu?

Trojan-PSW.Win32.Stealer.bfcu removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab, then press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.