Trojan.Rombertik.Gen.1 (file analysis)

Malware Removal

Trojan.Rombertik.Gen.1 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Rombertik.Gen.1 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Trojan.Rombertik.Gen.1?

File Info:

crc32: 10ED1FA5
md5: f504ef6e9a269e354de802872dc5e209
name: Copy064046.scr
sha1: 2f9b26b90311e62662c5946a1ac600d2996d3758
sha256: 77bacb44132eba894ff4cb9c8aa50c3e9c6a26a08f93168f65c48571fdf48e2a
sha512: 70f47e35c3fa61e1c6c6ddb79923cc39b79b2862a06211e07976c4388510818975ab3306c8983addf93782de477cf98d7c5f9c926605aa7e4196b3344947ad44
ssdeep: 24576:YnZGGn+1H3M+LmUw8XwI+aowkArKZqShpqdMGwK:83kHckp5oLxMShwD
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: NoVirusThanks Company Srl
InternalName:
FileVersion: 1.0.0.0
CompanyName: NoVirusThanks Company Srl
LegalTrademarks:
Comments: NPE File Analyzer
ProductName: NPE File Analyzer
ProductVersion: 1.0.0.0
FileDescription: NPE File Analyzer
OriginalFilename: NPE.exe
Translation: 0x0810 0x04e4

Trojan.Rombertik.Gen.1 also known as:

Bkav: W32.RombertikHQc.Trojan
MicroWorld-eScan: Trojan.Rombertik.Gen.1
CAT-QuickHeal: Backdoor.Stemelin.A8
Qihoo-360: Trojan.Win32.Rombertik.A
McAfee: BackDoor-FCOV!F504EF6E9A26
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Spyware ( 0055e3db1 )
BitDefender: Trojan.Rombertik.Gen.1
K7GW: Spyware ( 0055e3db1 )
CrowdStrike: win/malicious_confidence_60% (W)
TrendMicro: BKDR_ROMBERTIK.A
Cyren: W32/Trojan.EARP-3140
ESET-NOD32: Win32/Spy.Agent.OLJ
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packer.Morder-1
Kaspersky: Trojan-Spy.Win32.Rombertik.a
Alibaba: TrojanSpy:Win32/Rombertik.67456629
NANO-Antivirus: Trojan.Win32.DarkKomet.dmeswn
Tencent: Win32.Trojan.Inject.Auto
Ad-Aware: Trojan.Rombertik.Gen.1
Emsisoft: Trojan.Rombertik.Gen.1 (B)
Comodo: Malware@#plicsblxgj6h
F-Secure: Trojan:W32/Rombertik.A
DrWeb: Trojan.Rombertik.1
Zillya: Backdoor.DarkKomet.Win32.26684
McAfee-GW-Edition: BehavesLike.Win32.Worm.th
Fortinet: W32/Injector.BSLH!tr
FireEye: Generic.mg.f504ef6e9a269e35
Sophos: Troj/Delp-AD
Ikarus: Virus.Rombertik
F-Prot: W32/Trojan3.NDZ
Webroot: W32.Trojan.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Backdoor]/Win32.DarkKomet
Endgame: malicious (high confidence)
Arcabit: Trojan.Rombertik.Gen.1
ZoneAlarm: Trojan-Spy.Win32.Rombertik.a
Microsoft: Trojan:Win32/Rombertik.D
AhnLab-V3: Trojan/Win32.Rombertik.R97967
ALYac: Trojan.Rombertik
TACHYON: Trojan-Spy/W32.DP-Rombertik.1294848
VBA32: TScope.Trojan.Delf
Malwarebytes: Backdoor.Bot
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: BKDR_ROMBERTIK.A
Rising: Backdoor.Win32.Rombertik.a (CLOUD)
Yandex: Backdoor.DarkKomet!j7wjh3Qb3E4
eGambit: Trojan.Generic
GData: Trojan.Rombertik.Gen.1
BitDefenderTheta: Gen:NN.ZelphiF.34106.pH0@aGx0rcpi
AVG: Win32:Injector-CPK [Trj]
Cybereason: malicious.e9a269
Avast: Win32:Injector-CPK [Trj]
MaxSecure: Trojan.Malware.8003780.susgen

How to remove Trojan.Rombertik.Gen.1?

Trojan.Rombertik.Gen.1 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
