Trojan.Win32.Cobalt.exg information

Trojan.Win32.Cobalt.exg is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Cobalt.exg virus do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Trojan.Win32.Cobalt.exg?

File Info:

name: BA273EE8BFC5EDD9A5B7.mlw
path: /opt/CAPEv2/storage/binaries/51350674f29fd3594cd5fe2f226a91da518ae64e0d892c0c1ea4ccd507308ded
crc32: 69743F87
md5: ba273ee8bfc5edd9a5b77c84be22f04c
sha1: 7c13f88f39afd95bcecf491bbf8be65dd08f2a6e
sha256: 51350674f29fd3594cd5fe2f226a91da518ae64e0d892c0c1ea4ccd507308ded
sha512: 8a09c007bea9b7559735578b8c5b1bc287b487aa96f52318863c84f5d06aceb37cb3b8e0e4333343fbbb0fc404f8c614ec2475a24844abd8351c51d0bfb609db
ssdeep: 24576:yL03Xw4WjV3ayA04w8PHoK1Q/7tpNr2EflYG0bg:HX1WR3ahPHoK1Q/7tP7F
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1E4856D02BCD628BAC679E1328971A2A13732BC6903313BC71F45757E5AB9BD42E3D354
sha3_384: 24fa7cad99ab93a39024f0680a1288223a38ea72b9b84a262f34c202b171158b72cdd786fe0c61fc081618bcbebfde27
ep_bytes: e9bbc8ffffcccccccccccccccccccccc
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan.Win32.Cobalt.exg also known as:

Lionic: Trojan.Win32.Cobalt.4!c
MicroWorld-eScan: Trojan.GenericKD.47542232
FireEye: Trojan.GenericKD.47542232
ALYac: Trojan.GenericKD.47542232
K7AntiVirus: Trojan ( 005814c11 )
Alibaba: Trojan:Win32/Cobalt.1693c1ae
K7GW: Trojan ( 005814c11 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of WinGo/Rozena.BP
TrendMicro-HouseCall: TROJ_GEN.R002H0DL221
Kaspersky: Trojan.Win32.Cobalt.exg
BitDefender: Trojan.GenericKD.47542232
Avast: Win64:Trojan-gen
Ad-Aware: Trojan.GenericKD.47542232
Sophos: Mal/Generic-S
McAfee-GW-Edition: BehavesLike.Win64.BadFile.th
Emsisoft: Trojan.GenericKD.47542232 (B)
GData: Trojan.GenericKD.47542232
Jiangmin: Trojan.Cometer.brw
Avira: HEUR/AGEN.1137047
MAX: malware (ai score=86)
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!BA273EE8BFC5
APEX: Malicious
Ikarus: Trojan.WinGo.Rozena
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win64:Trojan-gen
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Trojan.Win32.Cobalt.exg?

Trojan.Win32.Cobalt.exg removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
