About “Trojan.Spy.Banker.ZLM” infection

The Trojan.Spy.Banker.ZLM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Spy.Banker.ZLM virus can do?

Executable code extraction
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Trojan.Spy.Banker.ZLM?


File Info:
crc32: E29B1A9D
md5: 7783048ff714c8de19348f1efbe20768
name: 7783048FF714C8DE19348F1EFBE20768.mlw
sha1: 1dcf98d292e65cdcddf2028cd6311224fa6b0f0d
sha256: 9ede035701d4053633c48e22a59d2dd19a9e7a337a06f7bcf966726a9fffdd79
sha512: 16d236c2620feddf03c07352ef729ca72a660d30dbf960590942da0f6f57c2a2e1abd16315a8acdedf6c4bdba45d9a98427e6a11b27f9c2e891340dec0f1856c
ssdeep: 12288:6JcaoWAzv69iOYgciWDGn5Md7FDABJcaoWAzv69iOYgciWDG9JcaoWAzv69iOYg:7Gn5MHZGaG
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
LegalCopyright: abas
InternalName: 6
FileVersion: 1.00
CompanyName: abas
LegalTrademarks: abas
ProductName: abas
ProductVersion: 1.00
FileDescription: abas
OriginalFilename: 6.exe

Trojan.Spy.Banker.ZLM also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Riskware ( 0040eff71 )
DrWeb	Trojan.PWS.Bancos.6854
ClamAV	Win.Keylogger.Bancos-7367889-0
McAfee	Artemis!7783048FF714
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Alibaba	TrojanBanker:Win32/Bancos.3f2720f3
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.ff714c
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
Cynet	Malicious (score: 99)
Kaspersky	Trojan-Banker.Win32.Bancos.abw
BitDefender	Trojan.Spy.Banker.ZLM
NANO-Antivirus	Trojan.Win32.Bancos.yehe
MicroWorld-eScan	Trojan.Spy.Banker.ZLM
Tencent	Win32.Trojan-banker.Bancos.Aiid
Ad-Aware	Trojan.Spy.Banker.ZLM
Sophos	Mal/VBBanc-A
BitDefenderTheta	AI:Packer.3E0DC15020
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.VirRansom.tm
FireEye	Generic.mg.7783048ff714c8de
Emsisoft	Trojan.Spy.Banker.ZLM (B)
Webroot	W32.Malware.Gen
Avira	HEUR/AGEN.1115314
eGambit	Generic.PSW
Kingsoft	Win32.Troj.Banker.(kcloud)
Microsoft	TrojanSpy:Win32/Banker
Arcabit	Trojan.Spy.Banker.ZLM
AegisLab	Trojan.Win32.Bancos.7!c
GData	Trojan.Spy.Banker.ZLM
TACHYON	Banker/W32.Bancos.1867776
AhnLab-V3	Trojan/Win32.Bancos.C759423
VBA32	TrojanBanker.Bancos
MAX	malware (ai score=99)
Panda	Trj/Genetic.gen
Rising	Malware.Undefined!8.C (CLOUD)
Yandex	Trojan.GenAsa!NunCGqBALSU
Ikarus	Trojan-Spy.Win32.Bancos.abw
Fortinet	W32/Bancos.A!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Trojan.Spy.Banker.ZLM?

Trojan.Spy.Banker.ZLM removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X