
Trojan.Win32.Copak removal instruction


Trojan.Win32.Copak is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Copak virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • HTTPS URLs from behavior
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Win32.Copak?


File Info:

name: BFACCDF7AE47003E7825.mlw
path: /opt/CAPEv2/storage/binaries/ef518aea988485d3ad4423441e7c4e21fa78e045ebba10870c72c6042d9bb359
crc32: 21C234E5
md5: bfaccdf7ae47003e7825202b9986d563
sha1: 1afa056381f1ed91c08e5e2f0f80530ef2c821d6
sha256: ef518aea988485d3ad4423441e7c4e21fa78e045ebba10870c72c6042d9bb359
sha512: 7af63ef9797731abfc7526620992818281bb72c4ee365b812095d735b3b8bb0937667ecdd46d6d979030dac8a48e6463981e32f8098eaa940ad293f3724dd23f
ssdeep: 3072:BsBg8rJUYQf7PFPyq9lCq1n9hajAndpJ9gW0vADlPdtHLw:OBHRQf7PFPVCq1n9o2wvADlDHLw
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T12AD3024BF7C3A026C17F2B79C250B1A8559406B29381ECF5EECA76A292407DFECD61C0
sha3_384: 9ff368bd1632bcd733bbcfd82f81e8680d2c8f3eb3fbe8a15c79b969c51d7b9a2be26733bb5054ed71df089cf2a21275
ep_bytes: 5589e5b80000000089df89d289ca89fe
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan.Win32.Copak also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Copak.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Razy.866955
FireEye: Generic.mg.bfaccdf7ae47003e
Skyhigh: BehavesLike.Win32.Generic.cm
McAfee: GenericRXAA-FA!BFACCDF7AE47
Malwarebytes: Trojan.MalPack.Generic
VIPRE: Gen:Variant.Razy.866955
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058c5ff1 )
BitDefender: Gen:Variant.Razy.866955
K7GW: Trojan ( 0058c5ff1 )
Cybereason: malicious.381f1e
BitDefenderTheta: Gen:NN.ZexaF.36792.imX@aeBy@@e
VirIT: Win32.NSPacker.A
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.DZQA
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Copak.gen
Alibaba: Trojan:Win32/Injector.afeffbbd
NANO-Antivirus: Trojan.Win32.Copak.ivsgga
ViRobot: Trojan.Win.Z.Injector.138701.B
Rising: Trojan.Injector!1.C865 (CLASSIC)
Sophos: Mal/HckPk-A
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.Packed2.43250
TrendMicro: TROJ_GEN.R002C0DK423
Emsisoft: Gen:Variant.Razy.866955 (B)
Ikarus: Trojan.Win32.Injector
GData: Gen:Variant.Razy.866955
Jiangmin: Trojan.Copak.ily
Varist: W32/Kryptik.DZR.gen!Eldorado
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Win32.Injector
Kingsoft: malware.kb.b.846
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Trojan.Razy.DD3A8B
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
ZoneAlarm: HEUR:Trojan.Win32.Copak.gen
Microsoft: Trojan:Win32/Injector.RAQ!MTB
Google: Detected
AhnLab-V3: Malware/Win32.Generic.C2860595
ALYac: Gen:Variant.Razy.866955
MAX: malware (ai score=81)
DeepInstinct: MALICIOUS
VBA32: BScope.Trojan.Wacatac
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0DK423
Tencent: Trojan.Win32.Copak.pe
Yandex: Trojan.Copak!m0tlA4X+x3I
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.EAHK!tr
AVG: Win32:Evo-gen [Trj]
Avast: Win32:Evo-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Win32.Copak?

Trojan.Win32.Copak removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
