About “Trojan.Win32.Cossta.aeyg” infection

Trojan.Win32.Cossta.aeyg is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Cossta.aeyg virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • HTTPS urls from behavior.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Attempts to interact with an Alternate Data Stream (ADS)
  • Anomalous binary characteristics

How to identify Trojan.Win32.Cossta.aeyg?


File Info:

name: 2C8C6BB34116E84E90C5.mlw
path: /opt/CAPEv2/storage/binaries/2abc65f96c97965edfb7e257030de0d9495a16550e02412eab4f9f2dc62a0f41
crc32: 5329F465
md5: 2c8c6bb34116e84e90c5d1adf6b4dabe
sha1: 3ea095eec219ba4deab5e8103310bd2d98a096ff
sha256: 2abc65f96c97965edfb7e257030de0d9495a16550e02412eab4f9f2dc62a0f41
sha512: 2cab3765fe0e7c331b24e54354c928dfc9b5b032c82f4517770499eaa87823ec83408405c3a2ee5d89db6f0fa59c31922600380b33c39de01ac20787020bcfe4
ssdeep: 6144:8ocMnMqRPmwpzvH+jadbVkvjia1x9AOU12IBzqcQTSbpupRkFsVFMbTyYzWw5dEE:hQdwpzUadbV+jiaHSqciSbpupiKYaeF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BA647323F501F11BE45284B07E14869A2C156C721780A857FBC2BFCBB1716EBA9B5B1F
sha3_384: f29cf673eb401764f3973ccc71d8ea522783cbd2415a437823e64d495ea3ac7f9c1bf3213980280cc3db39dc6eaac8f0
ep_bytes: 68b8544000e8f0ffffff000000000000
timestamp: 2014-10-13 02:23:29

Version Info:

Translation: 0x0409 0x04b0
CompanyName: sony
ProductName: uzywqs
FileVersion: 1.00
ProductVersion: 1.00
InternalName: osnpqx
OriginalFilename: osquys.exe

Trojan.Win32.Cossta.aeyg also known as:

Lionic Trojan.Win32.Cossta.m53q
MicroWorld-eScan Trojan.GenericKD.50127348
CAT-QuickHeal Trojan.Cossta
ALYac Trojan.GenericKD.50127348
Cylance Unsafe
Sangfor Trojan.Win32.Cossta.aeyg
K7AntiVirus NetWorm ( 700000151 )
Alibaba TrojanSpy:Win32/Cossta.6a3b2b3a
K7GW NetWorm ( 700000151 )
Cybereason malicious.34116e
VirIT Trojan.Win32.Generic.AWXE
Cyren W32/S-89f55aff!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Spy.Bancos.AAO
APEX Malicious
Paloalto generic.ml
ClamAV Win.Trojan.Cossta-9827890-0
Kaspersky Trojan.Win32.Cossta.aeyg
BitDefender Trojan.GenericKD.50127348
NANO-Antivirus Trojan.Win32.Cossta.jnyyot
SUPERAntiSpyware Trojan.Agent/Gen-Kazy
Avast Win32:GenMalicious-XO [Trj]
Tencent Malware.Win32.Gencirc.11ef8522
Ad-Aware Trojan.GenericKD.50127348
TACHYON Trojan/W32.VB-Cossta.331776
Sophos ML/PE-A + Troj/VBSpy-P
Comodo TrojWare.Win32.Cossta.AWE@5pi5dz
DrWeb Trojan.DownLoader11.43326
TrendMicro TROJ_GEN.R002C0PD722
McAfee-GW-Edition Downloader-FBBY!2C8C6BB34116
FireEye Generic.mg.2c8c6bb34116e84e
Emsisoft Trojan.GenericKD.50127348 (B)
SentinelOne Static AI – Malicious PE
GData Trojan.GenericKD.50127348
Avira BDS/Simda.aomenoa
Arcabit Trojan.Generic.D2FCE1F4
ViRobot Trojan.Win32.Z.Cossta.331776
Microsoft Trojan:Win32/Skeeyah.A!rfn
Cynet Malicious (score: 99)
AhnLab-V3 Trojan/Win32.Agent.R129030
McAfee Downloader-FBBY!2C8C6BB34116
MAX malware (ai score=80)
VBA32 TScope.Trojan.VB
Malwarebytes Malware.AI.2830735123
TrendMicro-HouseCall TROJ_GEN.R002C0PD722
Rising Spyware.Bancos!8.2F8 (CLOUD)
Yandex Trojan.GenAsa!xnaDYEq133c
Ikarus Trojan.Win32.Cossta
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Bancos.ACMB!tr
BitDefenderTheta Gen:NN.ZevbaF.34666.um0@ayTSutei
AVG Win32:GenMalicious-XO [Trj]
Panda Trj/Genetic.gen
CrowdStrike win/malicious_confidence_100% (W)

How to remove Trojan.Win32.Cossta.aeyg?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
