Trojan-PSW.Win32.Stealer.xal removal

Trojan-PSW.Win32.Stealer.xal is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-PSW.Win32.Stealer.xal virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Manipulates data from or to the Recycle Bin
  • The binary contains an unknown PE section name indicative of packing
  • Creates an autorun.inf file
  • Authenticode signature is invalid
  • Checks for the presence of known devices from debuggers and forensic tools
  • Harvests cookies for information gathering

How to determine Trojan-PSW.Win32.Stealer.xal?


File Info:

name: 3165E2DA500E37929A34.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan-PSW.Win32.Stealer.xal also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Convagent.i!c
MicroWorld-eScan: Trojan.GenericKD.38135685
FireEye: Trojan.GenericKD.38135685
McAfee: GenericRXAA-AA!3165E2DA500E
Cylance: Unsafe
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: TrojanPSW:Win32/Stealer.a3c76101
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.086c82
Symantec: ML.Attribute.HighConfidence
Kaspersky: Trojan-PSW.Win32.Stealer.xal
BitDefender: Trojan.GenericKD.38135685
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.38135685
Sophos: Mal/Generic-S
McAfee-GW-Edition: BehavesLike.Win32.TrojanVeil.vh
Emsisoft: Trojan.GenericKD.38135685 (B)
GData: Trojan.GenericKD.38135685
Jiangmin: Trojan.Generic.dndll
Avira: TR/Redcap.qydkf
MAX: malware (ai score=82)
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R293632
ALYac: Trojan.GenericKD.38135685
APEX: Malicious
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/PossibleThreat
Webroot: W32.Malware.Gen
AVG: Win32:Malware-gen

How to remove Trojan-PSW.Win32.Stealer.xal?

Trojan-PSW.Win32.Stealer.xal removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.