Trojan

Trojan.Renos.PNA information

Malware Removal

The Trojan.Renos.PNA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan.Renos.PNA virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Checks for the presence of known devices from debuggers and forensic tools
  • Checks for the presence of known devices from debuggers and forensic tools
  • Deletes executed files from disk

How to determine Trojan.Renos.PNA?


File Info:

name: 89A0774163D396E94113.mlw
path: /opt/CAPEv2/storage/binaries/5a3e3347bb7267b98032ac1d72ac81b11fb01ee110fe9da121310e6dc8216da1
crc32: A9CDA21D
md5: 89a0774163d396e94113372e34cc1ab2
sha1: d774406f24908b3529fc3bb9a8547d0d571413ec
sha256: 5a3e3347bb7267b98032ac1d72ac81b11fb01ee110fe9da121310e6dc8216da1
sha512: d737e4c4881bee9bf6dbfb276e65cd3bca6f43b59741ea760a3aba2bfc155b8c83dbc915ce2b711f0f109effc0770edd72ff3aa240a26c034151659709169937
ssdeep: 1536:l/KVvhq8aP//mEGE7NqeT0GQpTLSsE9mQZjFE4ahXohF5kYlmM4Q7/hsULFfpuv:xHx/mRE0e0Ga/E9DFt2ohFrlN/2+RI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AD14392FC022F6FBE0254872853A11D2B289BB5B22525F4E0B9D594B571ECBF831747B
sha3_384: 5f9b1c6b39c29f63933529d8de0d023e8b6ea7bdc5d05f969fd84176f1f69f51b9f0134ae1136c552f9100dc0d3f1278
ep_bytes: 558bec83c4eca144cb42008b45ec8b0d
timestamp: 2009-12-22 00:36:05

Version Info:

Comments:
CompanyName: Sun Microsystems, Inc.
FileDescription: 3SysSunw setup
FileVersion: 4.0.0.275
InternalName: nnoyysc0.exe
LegalCopyright: Copyright © 2010 SysSun6 All rights reserved.yp
LegalTrademarks:
OriginalFilename: nnoyysc0.exe
ProductName: YI u
ProductVersion: 4.0.0.275
Translation: 0x0409 0x04e4

Trojan.Renos.PNA also known as:

BkavW32.AIDetect.malware2
LionicTrojan.Win32.Jorik.4!c
tehtrisGeneric.Malware
MicroWorld-eScanTrojan.Renos.PNA
FireEyeGeneric.mg.89a0774163d396e9
CAT-QuickHealTrojan.Renos.LN
ALYacTrojan.Renos.PNA
CylanceUnsafe
ZillyaTrojan.FakeAV.Win32.118131
SangforTrojan.Win32.Renos.pso
K7AntiVirusTrojan ( 002a142f1 )
BitDefenderTrojan.Renos.PNA
K7GWTrojan ( 002a142f1 )
Cybereasonmalicious.163d39
BitDefenderThetaGen:NN.ZexaF.34682.ly0@aKc2o9fi
VirITTrojan.Win32.Crypt.AKCY
CyrenW32/Downloader.CO.gen!Eldorado
SymantecTrojan.FakeAV!gen63
Elasticmalicious (high confidence)
ESET-NOD32Win32/TrojanDownloader.FakeAlert.BBT
APEXMalicious
Paloaltogeneric.ml
ClamAVWin.Downloader.112573-1
KasperskyTrojan.Win32.Arto.cwy
AlibabaTrojanDownloader:Win32/FakeAlert.957cdac6
NANO-AntivirusTrojan.Win32.Jorik.djdzj
CynetMalicious (score: 100)
RisingDownloader.Renos!8.1D0 (TFE:1:TOk1uu3hQoI)
Ad-AwareTrojan.Renos.PNA
EmsisoftTrojan.Renos.PNA (B)
ComodoTrojWare.Win32.Kryptik.BQ@3xt3xs
DrWebTrojan.Siggen.64692
VIPRETrojan.Renos.PNA
TrendMicroTROJ_JORIK.SMAE
McAfee-GW-EditionDownloader-CEW.au
Trapminesuspicious.low.ml.score
SophosML/PE-A + Mal/FakeAV-IZ
IkarusTrojan-Downloader.Win32.Renos
JiangminTrojan/Jorik.audb
WebrootW32.Malware.Downloader
AviraTR/Dldr.Renos.pso
Antiy-AVLTrojan/Generic.ASMalwS.243
MicrosoftTrojanDownloader:Win32/Renos.PT
GDataTrojan.Renos.PNA
GoogleDetected
AhnLab-V3Trojan/Win32.FakeAV.R8995
McAfeeDownloader-CEW.au
MAXmalware (ai score=100)
VBA32BScope.Trojan.Zbot.01393
PandaAdware/ResonatorA
TrendMicro-HouseCallTROJ_JORIK.SMAE
TencentMalware.Win32.Gencirc.10b9ee17
YandexTrojan.DL.FakeAlert!BQdXMPCOweU
SentinelOneStatic AI – Malicious PE
FortinetW32/Krypt.QKV!tr
AVGWin32:MalOb-GU [Cryp]
AvastWin32:MalOb-GU [Cryp]
CrowdStrikewin/malicious_confidence_90% (W)

How to remove Trojan.Renos.PNA?

Trojan.Renos.PNA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment