Should I remove “Trojan.Win32.Bingoml.gknd”?

Trojan.Win32.Bingoml.gknd is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Bingoml.gknd virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Harvests cookies for information gathering

How to identify Trojan.Win32.Bingoml.gknd?


File Info:

name: B178455A70B884AD420B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-03-03 13:15:57

Version Info:

0: [No Data]

Trojan.Win32.Bingoml.gknd also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
ClamAV: Win.Malware.Fugrafa-9938779-0
FireEye: Generic.mg.b178455a70b884ad
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Bingoml.gknd
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
SentinelOne: Static AI – Suspicious SFX
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R478670
Acronis: suspicious
McAfee: Artemis!B178455A70B8
Cybereason: malicious.c85227

How to remove Trojan.Win32.Bingoml.gknd?

Trojan.Win32.Bingoml.gknd removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
