
What is “Trojan.Win32.Bingoml.gkfn”?


Trojan.Win32.Bingoml.gkfn is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Bingoml.gkfn virus do?

  • CAPE extracted potentially suspicious content
  • A HTTP/S link was seen in a script or command line
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Deletes executed files from disk
  • Attempts to execute suspicious powershell command arguments

How to identify Trojan.Win32.Bingoml.gkfn?


File Info:

name: 1BAE2616D747795FA29F.mlw
path: /opt/CAPEv2/storage/binaries/0cbeb47189d329272aee8dac14153fac1e1dddf0bf6c957f5de26f8d9a94c8bc
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2019-07-30 08:52:45

Version Info:

0: [No Data]

Trojan.Win32.Bingoml.gkfn also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Encoder.trrL
FireEye: Generic.mg.1bae2616d747795f
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
Alibaba: Trojan:Win32/Bingoml.37d32b5b
BitDefenderTheta: Gen:NN.ZexaF.34646.ruW@aKucprd
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Bingoml.gkfn
Cynet: Malicious (score: 100)
McAfee-GW-Edition: BehavesLike.Win32.Generic.dt
Sophos: Mal/Generic-S
Antiy-AVL: Trojan/Generic.ASMalwS.5174
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: Trojan.Win32.Bingoml.gkfn
McAfee: Artemis!1BAE2616D747
Malwarebytes: Malware.Heuristic.1008
Avast: FileRepMalware [Misc]
Rising: Trojan.Generic@AI.86 (RDML:eEntNTrG5uzO1YRSENe1Ew)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: FileRepMalware [Misc]
Cybereason: malicious.27c388

How to remove Trojan.Win32.Bingoml.gkfn?

Trojan.Win32.Bingoml.gkfn removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
