Categories: Trojan

Trojan.Win32.Downeks.bg information

The Trojan.Win32.Downeks.bg is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.Downeks.bg virus can do?

Executable code extraction
Creates RWX memory
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Reads data out of its own binary image
The binary likely contains encrypted or compressed data.
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
Network activity detected but not expressed in API logs
Creates a copy of itself

How to determine Trojan.Win32.Downeks.bg?


File Info:
crc32: 2A4E320Dmd5: 560e17fc01f98086b380f476b44cb0e6name: scan_copy.exesha1: dddc5779c4d16bc876f7a23779cc2043add868f0sha256: 0a18c54ef5b8b05137e9fbb43920e8f06968052d31ae5f14c753e48cb4a84bcasha512: ad0e6bca1694d56256c562cb2a651f256d50ecb7f722383a22a753acc886e1779fd2085e4f1051abef8a519fd33fd73c2b1287c46cd7b1e9920d1b16678de1abssdeep: 24576:Q2rT5JibBsR1YAcUSWcPsPQcVnJtCagQiFhq6SISpKQUBWV+F0ubIWizn:JpJ22R1rcUWPsPFVrCagXFhLSIKKNfItype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: scpCompanyName: ScriptRunnerProductName: SearchProtocolHostProductVersion: 494, 744, 265, 650FileDescription: sdiagnhostOriginalFilename: csrss.exeTranslation: 0x0000 0x04b0

Trojan.Win32.Downeks.bg also known as:

MicroWorld-eScan	Trojan.GenericKD.42241630
McAfee	Artemis!560E17FC01F9
Cylance	Unsafe
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
CrowdStrike	win/malicious_confidence_60% (W)
APEX	Malicious
ClamAV	Win.Malware.Autoit-7533156-0
Kaspersky	Trojan.Win32.Downeks.bg
Alibaba	Trojan:Win32/AutoitU.ali2000008
Rising	Trojan.Obfus/Autoit!1.C075 (CLASSIC)
Ad-Aware	Trojan.GenericKD.42241630
F-Secure	Trojan.TR/AD.NetWiredRc.zgxoi
DrWeb	Trojan.DownLoader32.46938
Zillya	Trojan.GenericTKA.Win32.190
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Backdoor.tc
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.560e17fc01f98086
Ikarus	Trojan-Spy.Keylogger.AgentTesla
Jiangmin	Trojan.Pasta.ahk
Webroot	W32.Malware.Gen
Avira	TR/AD.NetWiredRc.zgxoi
Antiy-AVL	Trojan/Win32.Pasta
Endgame	malicious (high confidence)
ZoneAlarm	Trojan.Win32.Downeks.bg
Microsoft	Trojan:Win32/Wacatac.B!ml
VBA32	Trojan.SelfDel
MAX	malware (ai score=89)
Malwarebytes	Trojan.MalPack.AutoIt
Panda	Trj/Genetic.gen
ESET-NOD32	a variant of Win32/Injector.Autoit.EWB
TrendMicro-HouseCall	TROJ_GEN.R020H06AD20
eGambit	Unsafe.AI_Score_58%
Fortinet	AutoIt/Injector.ESJ!tr
MaxSecure	Trojan.Malware.300983.susgen
AVG	FileRepMalware
Cybereason	malicious.9c4d16
Paloalto	generic.ml