Trojan.Spy.ZBot.EQH (B) information

Trojan.Spy.ZBot.EQH (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Spy.ZBot.EQH (B) virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Authenticode signature is invalid

How to identify Trojan.Spy.ZBot.EQH (B)?

File Info:

name: F6DFC8B373532ADF9BB9.mlw
path: /opt/CAPEv2/storage/binaries/3886aeaccee2201e24036804a026ac4019898749813e7c3307a1cede11f8b5f4
crc32: 3AD3ED7B
md5: f6dfc8b373532adf9bb91dbb16177417
sha1: 83df83e9c8d84383937c74a2e0a119da8e3761dd
sha256: 3886aeaccee2201e24036804a026ac4019898749813e7c3307a1cede11f8b5f4
sha512: 33949f78bcc8ea9927d5ae44dc6ea0597e412c421dfa8559706cb524e7b445e33528c05f0f1bb4ebbc24d883c8afe2a4e320c5576f53f68ebd48189f4f337d0d
ssdeep: 3072:5utnDyl4xeJpFrd/H6R4irS42O4N8TqS2Ux09X9RgqsfsGYT1f:5utDrevFBP6HrS42w2UM9qAR1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T150D3AF6E78C190F3C9B72271AE69762563FFD92420388C43D3680D6D29B4D52B36E74B
sha3_384: 9f4b1780f8def9a167fa889ef1032a513f75c47df416b347b9d4aa041c3ba2a362ab334371460a070e402e8ac8945865
ep_bytes: 558bec83ec10535633f65632dbe882f3
timestamp: 2010-07-15 12:01:52

Version Info:

0: [No Data]

Trojan.Spy.ZBot.EQH (B) also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Spy.ZBot.EQH
ClamAV: Win.Trojan.Zeus-6412294-0
FireEye: Generic.mg.f6dfc8b373532adf
CAT-QuickHeal: Trojan.Necurs.MUE.A3
McAfee: PWS-Zbot.gen.avh
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.14
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.373532
VirIT: Trojan.Win32.Scar.LP
Cyren: W32/Zbot.BR.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Spy.Zbot.YW
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.Zbot.amml
BitDefender: Trojan.Spy.ZBot.EQH
NANO-Antivirus: Trojan.Win32.Zbot.bqftr
Avast: Sf:Crypt-BT [Trj]
Tencent: Trojan.Win32.Zbot.aaw
Ad-Aware: Trojan.Spy.ZBot.EQH
TACHYON: Trojan-Spy/W32.ZBot.134656.BD
Emsisoft: Trojan.Spy.ZBot.EQH (B)
Comodo: TrojWare.Win32.Kazy.MKD@4qchol
DrWeb: Trojan.PWS.Panda.387
VIPRE: Trojan.Spy.ZBot.EQH
TrendMicro: Cryp_Xin1
McAfee-GW-Edition: BehavesLike.Win32.ZBot.ch
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A + Troj/PWS-BSF
SentinelOne: Static AI – Malicious PE
GData: Trojan.Spy.ZBot.EQH
Jiangmin: TrojanSpy.Zbot.akkg
Webroot: W32.Infostealer.Zeus
Avira: TR/Spy.Zbot.acyu.4
Antiy-AVL: Trojan[Spy]/Win32.Zbot
Arcabit: Trojan.Spy.ZBot.EQH
Microsoft: PWS:Win32/Zbot.gen!Y
Google: Detected
AhnLab-V3: Trojan/Win32.Zbot.R4880
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34796.imW@a4l9y6i
ALYac: Trojan.Spy.ZBot.EQH
MAX: malware (ai score=81)
VBA32: SScope.Trojan.FakeAV.01110
Malwarebytes: ExtenBro.Trojan.BrowserHijacker.DDS
TrendMicro-HouseCall: Cryp_Xin1
Rising: Spyware.Zbot!1.648A (CLASSIC)
Yandex: Trojan.GenAsa!dk58NrZ8Y94
Ikarus: Trojan-Spy.Banker.Citadel
MaxSecure: Trojan.Malware.1440897.susgen
Fortinet: W32/Zbot.AT!tr
AVG: Sf:Crypt-BT [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Trojan.Spy.ZBot.EQH (B)?

Trojan.Spy.ZBot.EQH (B) removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.