Categories: Trojan

About “Trojan.Win32.Chapak.eulx” infection

The Trojan.Win32.Chapak.eulx is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Win32.Chapak.eulx virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Attempts to connect to a dead IP:Port (6 unique times)
  • Reads data out of its own binary image
  • A process created a hidden window
  • Performs some HTTP requests
  • Unconventionial language used in binary resources: Russian
  • Uses Windows utilities for basic functionality
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
iplogger.org
apps.identrust.com
www.bing.com
isrg.trustid.ocsp.identrust.com
ocsp.int-x3.letsencrypt.org

How to determine Trojan.Win32.Chapak.eulx?



File Info:

crc32: C76F61CEmd5: 9c67b26c4c19c1dd2e317666972973aename: upload_filesha1: 0b99834d405146448f78f1de1770ff99bfc401a3sha256: ce6982b43e5f8b38477498f1af0a1461cdc37c7a5e33f46ca9e3ef531ce91492sha512: 2c95614583620d5eba32f52af2760c46add803f52c8d682e5dfe20255d8a0ed5b308ae012f7fae5e36d703adef44ae748b1416b16f8c8825f92482fe0e352c14ssdeep: 12288:pANwRo+mv8QD4+0V16lXtcg3JZJPTHFTnVCnCyE/E69m++ZdQKlIfVPdHQ:pAT8QE+kGZPTHZnVCnCyEV0I9qtype: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: wotsuper                                                                                            FileDescription: wotsuper 2.1 Installation                                   FileVersion: 2.1                 Comments: CompanyName: wotsuper                                                    Translation: 0x0409 0x04e4

Trojan.Win32.Chapak.eulx also known as:

Bkav W32.AIDetectVM.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.34377819
FireEye Generic.mg.9c67b26c4c19c1dd
McAfee Artemis!9C67B26C4C19
BitDefender Trojan.GenericKD.34377819
K7GW Trojan ( 0056cb151 )
Cybereason malicious.c4c19c
Invincea heuristic
BitDefenderTheta Gen:NN.ZexaF.34152.TqW@au7WVkcG
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:MalwareX-gen [Trj]
ClamAV Win.Dropper.Vidar-9182565-0
Kaspersky Trojan.Win32.Chapak.eulx
Rising Trojan.Kryptik!8.8 (TFE:dGZlOgUmVAdEZ7XX5w)
Ad-Aware Trojan.GenericKD.34377819
Sophos Mal/Generic-S
F-Secure Trojan.TR/AD.VidarStealer.GW
Emsisoft Trojan-Dropper.Agent (A)
Webroot W32.Trojan.Gen
Avira TR/AD.VidarStealer.LA
Microsoft Trojan:Win32/Zenpak.DEH!MTB
SUPERAntiSpyware Trojan.Agent/Gen-Downloader
AhnLab-V3 Malware/Win32.Generic.C3733562
ZoneAlarm Trojan.Win32.Chapak.eulx
GData Trojan.GenericKD.34377819
ESET-NOD32 a variant of Win32/Kryptik.HFOA
VBA32 Malware-Cryptor.Limpopo
ALYac Trojan.GenericKD.34377819
MAX malware (ai score=80)
Malwarebytes Trojan.Downloader
Panda Trj/CI.A
Ikarus Trojan-PSW.Agent
Fortinet W32/Agent.OKD!tr
AVG Win32:MalwareX-gen [Trj]
Paloalto generic.ml
Qihoo-360 Generic/HEUR/QVM05.1.4CC8.Malware.Gen

How to remove Trojan.Win32.Chapak.eulx?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: a.tomx.xyzapps.identrust.comiplogger.orgisrg.trustid.ocsp.identrust.comocsp.int-x3.letsencrypt.orgTrojan.Win32.Chapak.eulxwww.bing.comz.whorecord.xyz
4 years ago

Recent Posts

Malware.AI.1637728237 removal guide

The Malware.AI.1637728237 is considered dangerous by lots of security experts. When this infection is active,…

5 seconds ago

Malware.AI.3853500047 removal instruction

The Malware.AI.3853500047 is considered dangerous by lots of security experts. When this infection is active,…

1 min ago

About “Malware.Heuristic.2013” infection

The Malware.Heuristic.2013 is considered dangerous by lots of security experts. When this infection is active,…

51 mins ago

Application.Bundler.iStartSurf.264 (file analysis)

The Application.Bundler.iStartSurf.264 is considered dangerous by lots of security experts. When this infection is active,…

51 mins ago

Should I remove “Ursu.726157”?

The Ursu.726157 is considered dangerous by lots of security experts. When this infection is active,…

51 mins ago

About “Virus:Win32/Xpaj.B” infection

The Virus:Win32/Xpaj.B is considered dangerous by lots of security experts. When this infection is active,…

56 mins ago