Should I remove “Trojan.Win32.Cosmu.auyr”?

The Trojan.Win32.Cosmu.auyr is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Win32.Cosmu.auyr virus can do?

Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan.Win32.Cosmu.auyr?


File Info:
name: 0868C9590B387F224612.mlw
path: /opt/CAPEv2/storage/binaries/297d04fec643bba40c781a510d46036b73c2289635f60fcdeab0c9fd81eeb6a6
crc32: B534764E
md5: 0868c9590b387f22461278c325d0f822
sha1: 546f48eb20f5e26a6f5975a50d6727c9e039e472
sha256: 297d04fec643bba40c781a510d46036b73c2289635f60fcdeab0c9fd81eeb6a6
sha512: 7791c1c3cd2c8268bd06b6630de1db28d375906cf31cc0ff767b9527ddf1aa1dd9454a1b388ef7faf5f30a119949d705ccf1890c0f9af1e888794e55135161eb
ssdeep: 1536:ZzqYKuUPPf7DYepp+0zI1ZBjhRDmmHeIoQ7ykc6NF8BbncWMzwgLyV3rE:ZWTD361im+G7y/yF4fMTLyV3I
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C5A33913F31454AEE055423024434B76AA96AC711696DF13FB626A2D3CB13E3AEF4F0B
sha3_384: ed3fdd11546e64b1e7001a001b705c649a274cd307b8313612df8b2363ed448d61f38dfd85508db284464ac2294feb2f
ep_bytes: 68cc7c4000e8eeffffff000000000000
timestamp: 2011-05-25 04:53:50

Version Info:
0: [No Data]

Trojan.Win32.Cosmu.auyr also known as:

Bkav	W32.AIDetectMalware
Cynet	Malicious (score: 100)
McAfee	Artemis!0868C9590B38
CrowdStrike	win/malicious_confidence_100% (D)
Cyren	W32/Barys.AU.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
Kaspersky	Trojan.Win32.Cosmu.auyr
NANO-Antivirus	Trojan.Win32.Cosmu.csfhiw
F-Secure	Trojan.TR/Drop.Cosmu.A
DrWeb	Win32.HLLW.Autoruner.62035
McAfee-GW-Edition	BehavesLike.Win32.Generic.cm
FireEye	Generic.mg.0868c9590b387f22
Sophos	ML/PE-A
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan/Cosmu.pre
Webroot	W32.Malware.Gen
Avira	TR/Drop.Cosmu.A
Antiy-AVL	Trojan/Win32.Cosmu
ZoneAlarm	Trojan.Win32.Cosmu.auyr
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Cosmu.C5465576
Cylance	unsafe
Zoner	Trojan.Win32.32990
Rising	Malware.Undefined!8.C (TFE:3:Mr6nk6aJaiM)
MaxSecure	Trojan.Malware.300983.susgen
Cybereason	malicious.b20f5e
DeepInstinct	MALICIOUS

How to remove Trojan.Win32.Cosmu.auyr?

Trojan.Win32.Cosmu.auyr removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X