
Trojan.Win32.Bingoml.cele removal instruction


Trojan.Win32.Bingoml.cele is the Kaspersky detection name for this sample (Sangfor uses the same name; the other engines that flag it are listed below). The sandbox analysis of the file shows it dropping and executing a second binary, creating hidden files and running Windows command-shell utilities, so while the infection is active you may notice unfamiliar processes in the Task Manager list. In that case, scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period lets you run a complete scan and clean your PC.
6-day free trial available.

What can Trojan.Win32.Bingoml.cele do?

The following behaviours were observed when the sample was run in the CAPE sandbox:

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Executed a command line with a /C or /R argument, which terminates the command shell on completion and can be used to hide execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Creates a hidden or system file

How to identify Trojan.Win32.Bingoml.cele?

File Info:

name: CBC2DBF7A12021BDF85D.mlw
path: /opt/CAPEv2/storage/binaries/1032dc8c4feb6c18408cc49cb6745d220870fff06a34e32e2e884fb995f2f3fc
crc32: A4F68366
md5: cbc2dbf7a12021bdf85deed5eba1ffdc
sha1: 9371618aeddf60492313b421ed010419c3420ee1
sha256: 1032dc8c4feb6c18408cc49cb6745d220870fff06a34e32e2e884fb995f2f3fc
sha512: 9b962f0e3ab6de481330122270d623d1ee3c0514d04584b49e08a818fb57ad5cfd6687e32e432e1237106428fee43efb4dc77971dbabc88a191dceee16aa6fe6
ssdeep: 6144:zNeeqnuqGLmFfxlBml3Vspu0aSBsRzYLAw/uAyY5Th5UgK:zNeSqrdkspW0VLAw2Aymd5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1274423B19D023976D4644B724759602760843C334B087DE6AEAFA1D75D3A0C3FAA3A7F
sha3_384: d73da6db86a0f8343c0922c1917977d05b508d9bcf86b277afc0d2ad6702aac476f5df11f588c1fbda1c844325b452ed
ep_bytes: 60be009046008dbe0080f9ff57eb0b90
timestamp: 2016-05-10 22:18:20

Version Info:

CompanyName: Masquerade Repack
FileDescription: Verify Tool
FileVersion: 0. 0. 0. 0
InternalName:
LegalCopyright: Masquerade Repack
LegalTrademarks:
OriginalFilename: Verify.exe
ProductName: Verify Tool
ProductVersion: 0. 0. 0. 0
Comments:
Translation: 0x0409 0x04e4
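The static indicators above (hashes, packer section names, UPX entry stub, compile timestamp, Authenticode state) can be re-checked on a suspect file without a sandbox. The script below is an added example, not GridinSoft's tooling or the CAPE report's code. It uses only the Python standard library; the md5/sha256 constants are copied from the File Info block, while the section-name sets and the UPX stub byte pattern (pushad / mov esi,imm32 / lea edi,[esi+imm32] / push edi, which is what the report's ep_bytes 60 BE .. 8D BE .. 57 decode to) are my own assumptions about common packers. With no argument it runs on a constructed stand-in PE32 that mimics the report's section layout and entry bytes; the real sample is not reproduced here.

```python
"""Static triage of a PE32 file against the indicators published above.

Added example (not GridinSoft's or CAPE's code). Reports hash matches against
the listed IOCs, packer/unknown section names, the UPX 32-bit unpacking stub
at the entry point, the compile timestamp and the Authenticode directory.
"""
import hashlib
import struct
from datetime import datetime, timezone

# Indicators copied from the File Info block above.
KNOWN_SHA256 = "1032dc8c4feb6c18408cc49cb6745d220870fff06a34e32e2e884fb995f2f3fc"
KNOWN_MD5 = "cbc2dbf7a12021bdf85deed5eba1ffdc"

# Assumed lists: names a linker normally emits, and names common packers leave behind.
STANDARD_SECTIONS = {".text", ".data", ".rdata", ".bss", ".idata", ".edata", ".rsrc",
                     ".reloc", ".tls", ".pdata", ".CRT", "CODE", "DATA", "BSS"}
PACKER_SECTIONS = {"UPX0", "UPX1", "UPX2", ".upx", ".aspack", ".adata", ".petite",
                   ".MPRESS1", ".MPRESS2", ".vmp0", ".vmp1", ".themida"}
# (offset, byte) pairs of the UPX stub prologue; the imm32 operands differ per file.
UPX_STUB = ((0, 0x60), (1, 0xBE), (6, 0x8D), (7, 0xBE), (12, 0x57))


def hashes(data: bytes) -> dict:
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256")}


def rva_to_offset(sections: list, rva: int):
    """Map an RVA to a file offset via the section that contains it."""
    for s in sections:
        if s["vaddr"] <= rva < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            return s["rawptr"] + (rva - s["vaddr"])
    return None


def parse_pe(data: bytes) -> dict:
    """Minimal PE32 header walk; raises ValueError for anything else."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    _machine, nsections, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 image")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # Data directory 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) points at the Authenticode blob.
    security_dir = struct.unpack_from("<II", data, opt + 96 + 4 * 8)
    sections = []
    for i in range(nsections):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "vaddr": vaddr,
                         "vsize": vsize, "rawptr": rawptr, "rawsize": rawsize})
    ep_off = rva_to_offset(sections, entry_rva)
    return {
        "compile_time": datetime.fromtimestamp(stamp, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": sections,
        "security_dir": security_dir,
        "entry_bytes": data[ep_off:ep_off + 16] if ep_off is not None else b"",
    }


def looks_like_upx_stub(ep: bytes) -> bool:
    return len(ep) >= 13 and all(ep[i] == b for i, b in UPX_STUB)


def triage(data: bytes) -> dict:
    h, pe = hashes(data), parse_pe(data)
    names = [s["name"] for s in pe["sections"]]
    findings = []
    if h["sha256"] == KNOWN_SHA256 or h["md5"] == KNOWN_MD5:
        findings.append("hash matches the published Trojan.Win32.Bingoml.cele sample")
    packer = [n for n in names if n in PACKER_SECTIONS]
    unknown = [n for n in names if n not in STANDARD_SECTIONS | PACKER_SECTIONS]
    if packer:
        findings.append("packer section names: " + ", ".join(packer))
    if unknown:
        findings.append("unknown section names: " + ", ".join(unknown))
    if looks_like_upx_stub(pe["entry_bytes"]):
        findings.append("UPX unpacking stub at entry point")
    if pe["security_dir"] == (0, 0):
        findings.append("no Authenticode directory (unsigned)")
    return {"hashes": h, "sections": names, "compile_time": pe["compile_time"],
            "ep_bytes": pe["entry_bytes"].hex(), "findings": findings}


def build_sample() -> bytes:
    """Constructed stand-in for the real file (not reproduced here): a bare PE32
    with UPX0/UPX1/.rsrc sections, the report's timestamp and its ep_bytes."""
    e_lfanew, opt_size = 0x80, 224
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    stamp = int(datetime(2016, 5, 10, 22, 18, 20, tzinfo=timezone.utc).timestamp())
    coff = struct.pack("<HHIIIHH", 0x14C, 3, stamp, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, 0x69100)     # AddressOfEntryPoint, inside UPX1
    struct.pack_into("<I", opt, 28, 0x400000)    # ImageBase

    def sec(name, vaddr, vsize, rawptr, rawsize, flags):
        return struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, rawsize, rawptr, 0, 0, 0, 0, flags)
    table = (sec(b"UPX0", 0x1000, 0x68000, 0x200, 0, 0xE0000080)
             + sec(b"UPX1", 0x69000, 0x9000, 0x200, 0x200, 0xE0000040)
             + sec(b".rsrc", 0x72000, 0x1000, 0x400, 0x200, 0xC0000040))
    image = bytearray(dos + b"PE\0\0" + coff + opt + table)
    image += bytes(0x600 - len(image))
    image[0x300:0x310] = bytes.fromhex("60be009046008dbe0080f9ff57eb0b90")  # ep_bytes from the report
    return bytes(image)


if __name__ == "__main__":
    import json
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print(json.dumps(triage(data), indent=2))
```

Run it as `python triage.py suspect.exe` to check a quarantined file. Only the hash match identifies this specific sample; UPX packing, odd section names and a missing signature are weak signals on their own, since plenty of legitimate installers and repacked tools (the version info above claims to be a "Verify Tool" by "Masquerade Repack") share them. Treat them as reasons to look closer, not as a verdict.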

Trojan.Win32.Bingoml.cele also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Dropped:Trojan.GenericKD.38022227
FireEye: Generic.mg.cbc2dbf7a12021bd
McAfee: Artemis!CBC2DBF7A120
Cylance: Unsafe
Sangfor: Trojan.Win32.Bingoml.cele
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:Win32/Bingoml.a14c3fbe
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.CoinMiner-9866354-1
Kaspersky: Trojan.Win32.Bingoml.cele
BitDefender: Dropped:Trojan.GenericKD.38022227
NANO-Antivirus: Trojan.Win32.Samca.elotdn
SUPERAntiSpyware: Trojan.Agent/GenericKD
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Bingoml.Tcby
Ad-Aware: Dropped:Trojan.GenericKD.38022227
Sophos: Mal/Generic-S
Comodo: Malware@#inhpl6jql3r6
F-Secure: Dropper.DR/Delphi.Gen
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0WHL21
McAfee-GW-Edition: BehavesLike.Win32.MultiDropper.dc
Emsisoft: Dropped:Trojan.GenericKD.38022227 (B)
SentinelOne: Static AI – Malicious PE
GData: Dropped:Trojan.GenericKD.38022227
Jiangmin: Client-SMTP.Blat.ag
eGambit: Unsafe.AI_Score_97%
Avira: DR/Delphi.Gen
Antiy-AVL: RiskWare[RemoteAdmin]/Win32.Ammyy
Arcabit: Trojan.Generic.D2442C53
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4568357
ALYac: Dropped:Trojan.GenericKD.38022227
MAX: malware (ai score=82)
VBA32: Trojan.Pynamer
Malwarebytes: Malware.AI.60096596
TrendMicro-HouseCall: TROJ_GEN.R002C0WHL21
Yandex: Trojan.GenAsa!fHFEUiatRPg
Ikarus: Trojan.BAT.Crypt
Fortinet: W32/PossibleThreat
Webroot: W32.Hacktool.Riskware
AVG: Win32:Malware-gen
Cybereason: malicious.7a1202
Panda: Trj/CI.A

How to remove Trojan.Win32.Bingoml.cele?

Trojan.Win32.Bingoml.cele removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
