About “Trojan-Spy.Win32.Noon.dob” infection

The Trojan-Spy.Win32.Noon.dob is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Spy.Win32.Noon.dob virus can do?

Presents an Authenticode digital signature
Performs HTTP requests potentially not found in PCAP.
Authenticode signature is invalid
Attempts to modify proxy settings

How to determine Trojan-Spy.Win32.Noon.dob?


File Info:
name: 8AF4F9CD76C8D9158665.mlw
path: /opt/CAPEv2/storage/binaries/f7d2dcd717d1802437f9675107e07e1e05f8a6607448aac7c6ec5a9510095c08
crc32: 2E3585A7
md5: 8af4f9cd76c8d9158665b8eda2f3a586
sha1: 6ed78572ec4e7831b4b627aafd42bf81dac5b99d
sha256: f7d2dcd717d1802437f9675107e07e1e05f8a6607448aac7c6ec5a9510095c08
sha512: e13c8e34b56b820435d44120b7afa82bf0d2230ac7e53fa1aa10b35e79606d55d8691b127085d7622830a3520d78bc9a92f06341bfe89558d4c83639003041f6
ssdeep: 6144:wnQ2PUkO56b5YxRH99IiEKeGglkrKUmei11LR2Ve81mfWTBL3yAO8rx5hcVj6NuM:wQ7AuRXIiqZlkrKvR1T2GWTt3yerx7eM
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1DDC49D41BBB2C172C862417148A9E31D55B9BDB04F3649E7F3E81F0D1EB16C1AA377A2
sha3_384: 42808d6e493f91039dc7f87c86a4f3658c1846dd28ce9c65f256a33c80186d863d339557e75cf9dd38d3e1b3266cdf87
ep_bytes: e859ea0000e987feffff558bec8b4508
timestamp: 2016-10-28 07:53:26

Version Info:
CompanyName: Adobe Systems Incorporated
FileDescription: LogTransport Application
FileVersion: 7.1.1.3403
InternalName: LogTransport2
LegalCopyright: Copyright 2008-15 Adobe Systems Incorporated. All rights reserved.
OriginalFilename: LogTransport2.exe
PrivateBuild: 7.1.1.3403
ProductName:  LogTransport Application
ProductVersion: 7.1.1.3403
Translation: 0x0409 0x04b0

Trojan-Spy.Win32.Noon.dob also known as:

Bkav	W32.Common.F7E2FA9F
Lionic	Trojan.Win32.Noon.l!c
Elastic	malicious (moderate confidence)
Skyhigh	Artemis!Trojan
McAfee	Artemis!8AF4F9CD76C8
Sangfor	Spyware.Win32.Noon.V0pz
Alibaba	TrojanSpy:Win32/Generic.49aa9b15
CrowdStrike	win/malicious_confidence_70% (W)
APEX	Malicious
Kaspersky	Trojan-Spy.Win32.Noon.dob
Avast	FileRepMalware [Misc]
Trapmine	malicious.moderate.ml.score
ZoneAlarm	Trojan-Spy.Win32.Noon.dob
Cylance	unsafe
Rising	Spyware.Noon!8.E7C9 (CLOUD)
Fortinet	W32/Noon.DOB!tr
AVG	FileRepMalware [Misc]

How to remove Trojan-Spy.Win32.Noon.dob?

Trojan-Spy.Win32.Noon.dob removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X