About “Trojan.Win32.Eb.bow” infection

Trojan.Win32.Eb.bow is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Eb.bow virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Expresses interest in specific running processes
  • Unconventionial language used in binary resources: Serbian
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Trojan.Win32.Eb.bow?


File Info:

crc32: 26284194
md5: f0c790b30452db261d895e34fd46ffae
name: F0C790B30452DB261D895E34FD46FFAE.mlw
sha1: 638300975ad682d521e436c31ae268a210fff85c
sha256: 6752df01b87cd39459807b07886761a0ba64b98937322c5f76f07583a05fcbb1
sha512: b3800150e7fb4cbce8d0329a3bb421fff1b544a23021444cb5cb518815f4aff34537a7d65e6283eb44ad674957245f48c35562c417c1adc89deb9ba99ebab92a
ssdeep: 98304:0PbvmM+Z6v0zVF33GjeNsk7CsR+HWdwCbT5sdguF+te2BSrBLkqe6N8xHvV+/se:ybvmMkESu/2B8bQHvELmtFx3SWcka/
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

InternalName: triwilbifor.occ
FileVersion: 6.26.341
Copyright: Copyrighz (C) 2020, wodkagude
ProductVersion: 1.13.21
TranslationUsa: 0x0173 0x00e1

Trojan.Win32.Eb.bow also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.36156919
FireEye: Generic.mg.f0c790b30452db26
ALYac: Trojan.GenericKD.36156919
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Malicious.4!c
Sangfor: Malware
CrowdStrike: win/malicious_confidence_100% (D)
BitDefender: Trojan.GenericKD.36156919
K7GW: Trojan ( 005765ab1 )
K7AntiVirus: Trojan ( 005765ab1 )
Cyren: W32/Trojan.NWEO-5235
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:BotX-gen [Trj]
ClamAV: Win.Packed.Fugrafa-9821776-0
Kaspersky: Trojan.Win32.Eb.bow
Alibaba: Trojan:Win32/Kryptik.bb0176f7
Rising: Trojan.Kryptik!8.8 (TFE:5:G4gcofMQ0SD)
Ad-Aware: Trojan.GenericKD.36156919
Emsisoft: Trojan.GenericKD.36156919 (B)
F-Secure: Trojan.TR/AD.GoCloudnet.bldbh
DrWeb: Trojan.PWS.Stealer.26952
TrendMicro: HackTool.Win32.ARTEMIS.USMANAI21
McAfee-GW-Edition: BehavesLike.Win32.Trojan.rc
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Webroot: W32.Trojan.Gen
Avira: TR/AD.GoCloudnet.bldbh
Microsoft: Trojan:Win32/Azorult.MU!MTB
Gridinsoft: Trojan.Win32.Packed.oa
Arcabit: Trojan.Generic.D227B5F7
ZoneAlarm: Trojan.Win32.Eb.bow
GData: Trojan.GenericKD.36156919
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Agent.R363517
Acronis: suspicious
McAfee: Artemis!F0C790B30452
MAX: malware (ai score=99)
VBA32: Backdoor.Mokes
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/RnkBend.A
ESET-NOD32: a variant of Win32/Kryptik.HIYB
TrendMicro-HouseCall: HackTool.Win32.ARTEMIS.USMANAI21
Tencent: Win32.Trojan.Kryptik.Ectr
Ikarus: Trojan.SuspectCRC
Fortinet: W32/Kryptik.HIRY!tr
BitDefenderTheta: Gen:NN.ZexaF.34780.@pKfaiVgMPiG
AVG: Win32:BotX-gen [Trj]
Cybereason: malicious.75ad68
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.BO.672

How to remove Trojan.Win32.Eb.bow?

Trojan.Win32.Eb.bow removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
