About “Trojan.PWS.Onlinegames.KEGA” infection

Trojan.PWS.Onlinegames.KEGA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.PWS.Onlinegames.KEGA virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.PWS.Onlinegames.KEGA?


File Info:

name: BF50A5822215A9C89123.mlw
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 2011-03-25 13:15:08

Version Info:

0: [No Data]

Trojan.PWS.Onlinegames.KEGA also known as:

Bkav: W32.FamVT.Kykymber.P.Trojan
Lionic: Trojan.Win32.Generic.llBx
DrWeb: Trojan.PWS.Qq.5
MicroWorld-eScan: Trojan.PWS.Onlinegames.KEGA
ClamAV: Win.Trojan.Agent-365663
FireEye: Generic.mg.bf50a5822215a9c8
CAT-QuickHeal: Trojan.OnLineGames.gen
Skyhigh: BehavesLike.Win32.PWSOnlineGames.km
McAfee: PWS-OnlineGames.ke
Cylance: unsafe
Zillya: Trojan.Kykymber.Win32.1918
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0037c4831 )
Alibaba: TrojanPSW:Win32/Kykymber.88e635a3
K7GW: Trojan ( 0037c4831 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Trojan.PWS.Onlinegames.KEGA
BitDefenderTheta: AI:Packer.E364E0C820
Symantec: Infostealer.Gampass
Elastic: malicious (moderate confidence)
ESET-NOD32: Win32/PSW.Kykymber.AA
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-PSW.Win32.Kykymber.doux
BitDefender: Trojan.PWS.Onlinegames.KEGA
NANO-Antivirus: Trojan.Win32.OnLineGames.bkxdd
Avast: Win32:Trojan-gen
Tencent: Trojan.PSW.Win32.MiBao.a
TACHYON: Trojan-PWS/W32.Kykymber.79276.C
Emsisoft: Trojan.PWS.Onlinegames.KEGA (B)
F-Secure: Dropper.DR/PSW.Kykymber.JZ
Baidu: Win32.Trojan-PSW.OLGames.j
VIPRE: Trojan.PWS.Onlinegames.KEGA
TrendMicro: TSPY_KYMBER.SMDV
Sophos: Mal/PWS-GZ
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Generic.efis
Webroot: W32.Infostealer.Onlinegames.Gen
Google: Detected
Avira: DR/PSW.Kykymber.JZ
Antiy-AVL: Trojan[PSW]/Win32.Kykymber
Kingsoft: Win32.PSWTroj.Undef.a
Xcitium: TrojWare.Win32.PSW.GamePass.F@35ift2
Microsoft: PWS:Win32/OnLineGames
ViRobot: Trojan.Win32.A.PSW-Kykymber.49524.D[UPX]
ZoneAlarm: Trojan-PSW.Win32.Kykymber.doux
GData: Win32.Trojan-Spy.OnlineGames.N
Varist: W32/OnlineGames.FL.gen!Eldorado
AhnLab-V3: Win-Trojan/OnlineGameHack45.Gen
Acronis: suspicious
VBA32: BScope.TrojanPSW.QQPass
ALYac: Trojan.PWS.Onlinegames.KEGA
MAX: malware (ai score=100)
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Kykymber.A
TrendMicro-HouseCall: TSPY_KYMBER.SMDV
Rising: Trojan.PSW.Win32.OnlineGame.bdi (CLASSIC)
Yandex: Trojan.GenAsa!Si4mNaku/Qk
Ikarus: Trojan-PWS.Win32.Kykymber
MaxSecure: not-a-virus-PSW-OnlineGames.Gen
Fortinet: W32/Onlinegames.XQB!tr
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS

How to remove Trojan.PWS.Onlinegames.KEGA?

Trojan.PWS.Onlinegames.KEGA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
