Trojan.Win32.Chapak.ewht malicious file

Trojan.Win32.Chapak.ewht is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Chapak.ewht virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location
  • CAPE detected the Raccoon malware family

How to identify Trojan.Win32.Chapak.ewht?


File Info:

name: 529BDDE5933BE5D292CC.mlw
path: /opt/CAPEv2/storage/binaries/7216531f7bdf08e92cf69d0754b27da97d716c62ec5294fa03ccebb7e652bfdb
crc32: AC24E9CA
md5: 529bdde5933be5d292cc8d45e23220bc
sha1: 6b4d82bc8e83af8293ecab2052e849ef22472a50
sha256: 7216531f7bdf08e92cf69d0754b27da97d716c62ec5294fa03ccebb7e652bfdb
sha512: 6af99fc34fe35ebf5e795c43d5a52327d166b9847d308c34a3ecc7c5e6b4c7d73ab0b4ba8823c33480366a4ef4cccc7316b8ee32925a05fd2669bb987afe8a38
ssdeep: 24576:Is50MnT9pPNP28/AH0cKYdzWwI6Cs50MKT9pP+DDtH9/Ivss50MrT9pPLrYEiDy6:Is5rlVYDWs5wAnwvss5voEBxQ/obq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T138751216BF165103F0094A7005E297E627BD7C1BB7831A1FB78DB62E1FB528A1DD02B9
sha3_384: f57143605ec97e95529da65af1093cce25491b5cc749147563d24d0df02c8062e1ba7097903ae838e14bccdcab8a0f1e
ep_bytes: e9dafce6ff00a62ce61b081930205ce3
timestamp: 2020-10-28 17:02:52

Version Info:

Translation: 0x0407 0x04b0
ProductName: CosmosTheGreatAwakening777
FileVersion: 1.00
ProductVersion: 1.00
InternalName: 44rq3dfeawdesf777
OriginalFilename: 44rq3dfeawdesf777.exe

Trojan.Win32.Chapak.ewht also known as:

Lionic: Trojan.Win32.Chapak.trFA
MicroWorld-eScan: Trojan.GenericKD.44335231
FireEye: Generic.mg.529bdde5933be5d2
McAfee: GenericRXMK-OF!529BDDE5933B
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.783499
Sangfor: VISUAL BASIC4
K7AntiVirus: Trojan ( 00571e2b1 )
Alibaba: Trojan:Win32/Chapak.8b38f43b
K7GW: Trojan ( 00571e2b1 )
Cybereason: malicious.5933be
VirIT: Trojan.Win32.Injector.COCC
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.EOAL
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Chapak-9849518-0
Kaspersky: Trojan.Win32.Chapak.ewht
BitDefender: Trojan.GenericKD.44335231
NANO-Antivirus: Trojan.Win32.Chapak.iayylx
Avast: Win32:PWSX-gen [Trj]
Tencent: Malware.Win32.Gencirc.11b0a5b4
Ad-Aware: Trojan.GenericKD.44335231
Emsisoft: Trojan.Injector (A)
Comodo: Malware@#i8npk461mh3p
DrWeb: Trojan.Siggen10.42634
VIPRE: Trojan.GenericKD.44335231
McAfee-GW-Edition: BehavesLike.Win32.Sivis.tc
Trapmine: suspicious.low.ml.score
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.44335231
Jiangmin: Trojan.Chapak.ljk
Webroot: W32.Chapak.ewht
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.5EB1
Kingsoft: Win32.Troj.Chapak.ew.(kcloud)
Arcabit: Trojan.Generic.D2A4807F
Microsoft: Trojan:Win32/Azorult.CK!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R354530
VBA32: BScope.TrojanPSW.Stelega
ALYac: Trojan.GenericKD.44335231
Malwarebytes: Spyware.PasswordStealer
Rising: Trojan.Injector!1.C6AF (CLASSIC)
Yandex: Trojan.Chapak!j6VpBXclG7c
Ikarus: Trojan.Win32.Amadey
MaxSecure: Trojan.Malware.109192117.susgen
Fortinet: W32/Injector.ENLK!tr
BitDefenderTheta: Gen:NN.ZevbaF.34806.Mn0@aafoIoC
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Win32.Chapak.ewht?

Trojan.Win32.Chapak.ewht removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.