Trojan.Win32.Eb.blm removal instruction

The Trojan.Win32.Eb.blm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.Eb.blm virus can do?

Executable code extraction
Creates RWX memory
A process attempted to delay the analysis task.
Unconventionial language used in binary resources: Serbian
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Attempts to repeatedly call a single API many times in order to delay analysis time
Checks the CPU name from registry, possibly for anti-virtualization
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Trojan.Win32.Eb.blm?


File Info:
crc32: 874DFDEC
md5: c95626fd1c7453b21e94b5faf46d6c35
name: C95626FD1C7453B21E94B5FAF46D6C35.mlw
sha1: 35a38dd9b88f1f2f5ba4f623093934b1cd9d0bf8
sha256: 3afaa2ff3be6dada6a74793cf9ce5f7229d00508071c656e7ce3dce1fb42e94c
sha512: be6b2ec25bff59102f52c04edb742f7397afb12bfc836bd9f3de82db15c3d54075d0d69d390414682d7149441c0bb83d6b321656747e14d66630ac0515185bc8
ssdeep: 98304:kzbCUZFlPokhruVFBm7QGoZwkzYvloCqJP8/fxwA4h7Cae45M4Zu5iAuGlA3eDS:YAkyRZoNxn4hB6P56OeYGYYTudT1QkY
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed

Version Info:
InternalName: triwilbifor.occ
FileVersion: 6.26.361
Copyright: Copyrighz (C) 2020, wodkafull
ProductVersion: 1.0.16
TranslationUsa: 0x0273 0x0080

Trojan.Win32.Eb.blm also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.AntiSandbox.GenericKD.36032541
FireEye	Generic.mg.c95626fd1c7453b2
CAT-QuickHeal	Trojan.Wacatac
ALYac	Trojan.AntiSandbox.GenericKD.36032541
Malwarebytes	Trojan.MalPack.GS
Sangfor	Malware
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Trojan.AntiSandbox.GenericKD.36032541
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.9b88f1
Cyren	W32/Glupteba.N.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:TrojanX-gen [Trj]
Kaspersky	Trojan.Win32.Eb.blm
Alibaba	Trojan:Win32/Azorult.d82f4449
ViRobot	Trojan.Win32.Z.Antisandbox.4443648.A
AegisLab	Trojan.Win32.Malicious.4!c
Tencent	Win32.Trojan.Eb.Syrm
Ad-Aware	Trojan.AntiSandbox.GenericKD.36032541
Sophos	Mal/Generic-S
F-Secure	Heuristic.HEUR/AGEN.1140248
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R049C0DAB21
McAfee-GW-Edition	BehavesLike.Win32.Generic.rc
Emsisoft	Trojan.AntiSandbox.GenericKD.36032541 (B)
Ikarus	Trojan.WinGo.Ranumbot
Webroot	W32.Trojan.Gen
Avira	HEUR/AGEN.1140248
MAX	malware (ai score=88)
Microsoft	Trojan:Win32/Azorult.MR!MTB
Gridinsoft	Trojan.Win32.Packed.oa
Arcabit	Trojan.AntiSandbox.Generic.D225D01D
ZoneAlarm	Trojan.Win32.Eb.blm
GData	Trojan.AntiSandbox.GenericKD.36032541
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.Generic.C4297209
Acronis	suspicious
McAfee	Artemis!C95626FD1C74
VBA32	BScope.Trojan.Wacatac
Panda	Trj/RnkBend.A
ESET-NOD32	WinGo/RanumBot.J
TrendMicro-HouseCall	TROJ_GEN.R049C0DAB21
Rising	Trojan.Kryptik!8.8 (TFE:5:0txcNo6oK6D)
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Kryptik.HIRY!tr
BitDefenderTheta	Gen:NN.ZexaF.34760.@pKfa08l3feG
AVG	Win32:TrojanX-gen [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_90% (D)
Qihoo-360	Win32/Trojan.4b2

How to remove Trojan.Win32.Eb.blm?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Trojan.Win32.Eb.blm removal instruction