Trojan-Spy.Win32.Xegumumune.dah removal

The Trojan-Spy.Win32.Xegumumune.dah is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Spy.Win32.Xegumumune.dah virus can do?

Executable code extraction
Creates RWX memory
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Trojan-Spy.Win32.Xegumumune.dah?


File Info:
crc32: 87270E21
md5: c6a29af33202ffcb03505064fd44cefb
name: ndfvjhgsdf.exe
sha1: 8e16260f12f914cbfa806d048aad75ad41b53704
sha256: 2fe64062650fb581315d8529ca886edfd079b18e106520c828300d2b4eb187c3
sha512: 4348f8da646fb9454ac0d935e03c65484cec5ecfd3fc66a8679af13a851e56be1dc76d4a465f16af4093fdc261e775526c0763bd324e6c6026c2b570068a6b7d
ssdeep: 1536:W/4qN8OhThvN2rYXfvGiAZiylQccC4E87h9meqN8OhThvN2rYXfvGiAZij/:yNhP9GiIi2cC4N3mzhP9GiIiT
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x03fc 0x04b0
InternalName: scle
FileVersion: 1.00
CompanyName: broodle
ProductName: Xiphost1
ProductVersion: 1.00
OriginalFilename: scle.exe

Trojan-Spy.Win32.Xegumumune.dah also known as:

DrWeb	Trojan.DownLoader32.44772
MicroWorld-eScan	Gen:Variant.Razy.598585
FireEye	Gen:Variant.Razy.598585
McAfee	Fareit-FRA!C6A29AF33202
ALYac	Trojan.Agent.114688C
Cylance	Unsafe
AegisLab	Trojan.Multi.Generic.4!c
Sangfor	Malware
CrowdStrike	win/malicious_confidence_90% (W)
BitDefender	Gen:Variant.Razy.598585
K7GW	Trojan ( 0055e6e81 )
K7AntiVirus	Trojan ( 0055e6e81 )
BitDefenderTheta	Gen:NN.ZevbaF.33558.hm0@aSzRyNdG
F-Prot	W32/VBInject.ACE.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
GData	Gen:Variant.Razy.598585
Kaspersky	Trojan-Spy.Win32.Xegumumune.dah
Sophos	Mal/FareitVB-X
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Emotet.ch
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Razy.598585 (B)
Ikarus	Trojan.Win32.Injector
Cyren	W32/VBInject.ACE.gen!Eldorado
Arcabit	Trojan.Razy.D92239
ZoneAlarm	Trojan-Spy.Win32.Xegumumune.dah
Microsoft	Trojan:Win32/Wacatac.B!ml
MAX	malware (ai score=80)
Ad-Aware	Gen:Variant.Razy.598585
Malwarebytes	Trojan.MalPack.VB
APEX	Malicious
ESET-NOD32	a variant of Win32/Injector.EJTS
Fortinet	W32/EJTS.X!tr
AVG	FileRepMalware
Qihoo-360	Win32/Trojan.Spy.4ac

How to remove Trojan-Spy.Win32.Xegumumune.dah?

Trojan-Spy.Win32.Xegumumune.dah removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X