Trojan-PSW.Win32.Stelega.fbl information

Many security experts consider Trojan-PSW.Win32.Stelega.fbl dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-PSW.Win32.Stelega.fbl virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

wpad.local-net

How to identify Trojan-PSW.Win32.Stelega.fbl?

File Info:

name: 2AE7747A8E739E4EB368.mlw
path: /opt/CAPEv2/storage/binaries/08db043f7c25e9cbd32f9d2ef24097b677dec432e6d3bdcec35d214a49af9288
crc32: A9175F36
md5: 2ae7747a8e739e4eb3689bc844f5d1a3
sha1: c0998623b4dace13e18ca0079a026bb6ed1460a4
sha256: 08db043f7c25e9cbd32f9d2ef24097b677dec432e6d3bdcec35d214a49af9288
sha512: 99d969dc0a0bbc7c5f6ab08fb7acdd64d5ff611fe77928dc60d0632df7a55060da7d436065b28d53834cee48aa898aef1940b02bfdd855988ed4d3687c6f319b
ssdeep: 49152:laauAx5Tnbhlrb/T1vO90dL3BmAFd4A64nsfJzZQz2ngdG94MjTHt1ogkZ5ZAP3L:laKvK6PM49Jpk4TNcEA7XI/J6
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1D5765D43F89164E8C1AEC130866B8262BB767889073067E77F64D7B52F12FD46E79324
sha3_384: 756fb1030153bcd0909bebb3dbe842c6362419e09b8af6e535b4bc982279e5c7e1f8690218d94879d59bc302e8b63cc6
ep_bytes: 4883ec28488b05a5a86d00c700010000
timestamp: 2021-11-14 11:07:21

Version Info:

0: [No Data]

Trojan-PSW.Win32.Stelega.fbl also known as:

Lionic: Trojan.Win32.Stelega.i!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38104742
FireEye: Trojan.GenericKD.38104742
McAfee: Artemis!2AE7747A8E73
Alibaba: TrojanPSW:Win32/Stelega.cbf7ac34
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Cyren: W64/Agent.DNC.gen!Eldorado
Kaspersky: Trojan-PSW.Win32.Stelega.fbl
BitDefender: Trojan.GenericKD.38104742
Avast: Win64:Malware-gen
Ad-Aware: Trojan.GenericKD.38104742
McAfee-GW-Edition: Artemis
Emsisoft: Trojan.GenericKD.38104742 (B)
GData: Trojan.GenericKD.38104742
Avira: HEUR/AGEN.1145349
MAX: malware (ai score=84)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
Malwarebytes: Spyware.PasswordStealer
Ikarus: Trojan-PSW.Agent
Fortinet: Malicious_Behavior.SB
AVG: Win64:Malware-gen

How to remove Trojan-PSW.Win32.Stelega.fbl?

Trojan-PSW.Win32.Stelega.fbl removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.