Categories: SpyTrojan

Trojan-Spy.Win32.AveMaria.dku malicious file

Trojan-Spy.Win32.AveMaria.dku is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Spy.Win32.AveMaria.dku virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • A scripting utility was executed
  • Attempts to remove evidence of file being downloaded from the Internet
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Creates a copy of itself

Related domains:

google.ru
minekroft.duckdns.org

How to identify Trojan-Spy.Win32.AveMaria.dku?


File Info:

crc32: 652EE1C7
md5: bd229171170d566e778978f4e19ee1e4
name: NEW ORDER #102020.exe
sha1: 260cb2c167c2a2510ae9dfa1ecc166c9f72f49e3
sha256: d0730147283a7764f29031afd0b03018a1f921cbb25f25d4560b126ca31e326b
sha512: 39fe43f0daf520cad32f67cbbff9aaeb34ad4e84431dfa727cf18a4ef6d900504118b61bc9fb0d292635500ef003afc4eb1745ba47add953991007cb40db7a47
ssdeep: 24576:lUpNI4+YoyYNDLNlPsWERLvD7gpN+8TVU4:O84+m0DL3Ps7gXhU4
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Trojan-Spy.Win32.AveMaria.dku also known as:

DrWeb Trojan.PWS.Siggen2.56786
MicroWorld-eScan Trojan.GenericKD.44018683
ALYac Trojan.GenericKD.44018683
VIPRE Trojan.Win32.Generic!BT
K7AntiVirus Trojan ( 00570b091 )
BitDefender Trojan.GenericKD.44018683
K7GW Trojan ( 00570b091 )
TrendMicro Trojan.Win32.MALREP.THJOHBO
Cyren W32/Kryptik.BKJ.gen!Eldorado
Symantec Ransom.Wannacry
APEX Malicious
Paloalto generic.ml
ClamAV Win.Packed.Razy-9775756-0
Kaspersky Trojan-Spy.Win32.AveMaria.dku
Alibaba TrojanSpy:Win32/AveMaria.e7a9c971
ViRobot Trojan.Win32.Z.Pws.2201088
Avast Win32:TrojanX-gen [Trj]
Ad-Aware Trojan.GenericKD.44018683
TACHYON Trojan-Spy/W32.AveMaria.2201088
Sophos Troj/Miner-ZG
Comodo Malware@#r541ebfanjh1
F-Secure Trojan.TR/AD.MortyStealer.usvqg
Invincea Mal/Generic-S + Troj/Miner-ZG
McAfee-GW-Edition Generic trojan.kk
FireEye Trojan.GenericKD.44018683
Emsisoft Trojan.GenericKD.44018683 (B)
Ikarus Trojan.Win32.BadJoke
Jiangmin TrojanSpy.AveMaria.ku
MaxSecure Trojan.Malware.107817027.susgen
Avira TR/AD.MortyStealer.usvqg
Microsoft Trojan:Win32/Tiggre!rfn
Arcabit Trojan.Generic.D29FABFB
ZoneAlarm Trojan-Spy.Win32.AveMaria.dku
GData Trojan.GenericKD.44018683
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.Kryptik.R352840
McAfee GenericRXAA-AA!BD229171170D
MAX malware (ai score=87)
VBA32 TrojanSpy.AveMaria
Malwarebytes Backdoor.AveMaria
Zoner Trojan.Win32.95821
ESET-NOD32 Win32/Agent.TJS
TrendMicro-HouseCall Trojan.Win32.MALREP.THJOHBO
Rising Trojan.Generic@ML.87 (RDMK:U1XHFlwjqty7z6Sykot8lw)
eGambit Unsafe.AI_Score_96%
Fortinet PossibleThreat.MU
Webroot W32.Malware.Gen
AVG Win32:TrojanX-gen [Trj]
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_60% (W)
Qihoo-360 Win32/Trojan.Spy.331

How to remove Trojan-Spy.Win32.AveMaria.dku?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
