Trojan-Spy.Win32.Stealer.aopb malicious file

The Trojan-Spy.Win32.Stealer.aopb is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Spy.Win32.Stealer.aopb virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan-Spy.Win32.Stealer.aopb?


File Info:
name: E62C3D1288F16B176744.mlw
path: /opt/CAPEv2/storage/binaries/219d0698641e552304ed18bf5f7afee5f40e31629fc2da418a2ad1c34d3951de
crc32: 5F0FB71A
md5: e62c3d1288f16b1767440738c5e82f2b
sha1: 520f8c79df8b73102c99c74e23a757bf4ad97b4e
sha256: 219d0698641e552304ed18bf5f7afee5f40e31629fc2da418a2ad1c34d3951de
sha512: e313baa45f76abeb8c91e864873724e4c0a14f266d3cba0f33026b8ece74a58f83f28170e0514af5078c916919ecebb3545725a88865e7ae5ac5d4a0117c79b2
ssdeep: 98304:dFZ1VDO/FZXkvbxMFkSMy9MawoouGqanjyOjEb/WWin7m:ZXAFZkv9XObw9pn+wsehm
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13A563336758F9033FCEA05314D8C8A107835BE6C0F29F70E2F51BA586E39A168F65B56
sha3_384: 1ee4cb0d9a8d92c28e548fc77395213689303b4f759cf0b9f7ee0439a9c61e231769e8c0eb96e9dd30e0694ad61d370a
ep_bytes: e885630000e978feffff8bff558bec56
timestamp: 2015-02-15 08:00:31

Version Info:
FileDescription: Farweltered
InternalName: Postdetermined
OriginalFilename: Motorcamper
CompanyName: Gourmandism
LegalCopyright: Unbefittingness
ProductName: Polymetallism
FileVersion: 4.3.9.8
ProductVersion: 4.3.9.8
Comments: Trophodynamic
LegalTrademarks: Selfconvicting
Title: Mediastinotomy
Assembly Version: 4.3.9.8
Translation: 0x0409 0x04b0

Trojan-Spy.Win32.Stealer.aopb also known as:

Lionic	Trojan.MSIL.Convagent.i!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.47587086
FireEye	Trojan.GenericKD.47587086
CAT-QuickHeal	Trojanpws.Msil
ALYac	Trojan.GenericKD.47587086
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058b6cb1 )
Alibaba	TrojanSpy:Win32/Stealer.24b51620
K7GW	Trojan ( 0058b6cb1 )
Cybereason	malicious.9df8b7
Cyren	W32/Stealer.S.gen!Eldorado
Symantec	Trojan.Gen.2
ESET-NOD32	multiple detections
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan-Spy.Win32.Stealer.aopb
BitDefender	Trojan.GenericKD.47587086
Avast	Win32:Trojan-gen
Ad-Aware	Trojan.GenericKD.47587086
Sophos	Mal/Generic-S
McAfee-GW-Edition	GenericRXRA-NF!C565B6A953D2
Emsisoft	Trojan.GenericKD.47587086 (B)
SentinelOne	Static AI – Malicious SFX
GData	Win64.Trojan.Agent.HFVFDS
Avira	TR/Kryptik.zxvmp
Gridinsoft	Ransom.Win32.Sabsik.sa
ViRobot	Trojan.Win32.Z.Agent.6158622
Microsoft	Trojan:Win32/Tiggre!rfn
Cynet	Malicious (score: 99)
McAfee	Artemis!E62C3D1288F1
MAX	malware (ai score=82)
VBA32	TScope.Malware-Cryptor.SB
Malwarebytes	Trojan.MalPack
TrendMicro-HouseCall	TROJ_GEN.R002H0DL721
Yandex	Trojan.GenAsa!l3ZfBja75G8
Ikarus	Trojan.Win32.Krypt
Fortinet	W32/Agent.707A!tr
BitDefenderTheta	Gen:NN.ZexaF.34084.ID0aaytPbRj
AVG	Win32:Trojan-gen
Panda	Trj/CI.A

How to remove Trojan-Spy.Win32.Stealer.aopb?

Trojan-Spy.Win32.Stealer.aopb removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X