
How to remove “Trojan.Win32.Fabookie.aqu”?


Many security experts consider Trojan.Win32.Fabookie.aqu dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Fabookie.aqu virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Harvests cookies for information gathering

How to identify Trojan.Win32.Fabookie.aqu?


File Info:

name: F6EC52338FD06160542C.mlw
path: /opt/CAPEv2/storage/binaries/be3aac43f392686ebfa9610f2822a15cc6a1c55464f0c2747ca70f7415e02484
crc32: 45A4B8DE
md5: f6ec52338fd06160542c26932f2c46f1
sha1: 153c854371575015a28c4f368a258ec858884eff
sha256: be3aac43f392686ebfa9610f2822a15cc6a1c55464f0c2747ca70f7415e02484
sha512: c4926734f687febd8c503a6f5edac3fb0dd739b116c3a1ae1ad0feaa62e032c06db81ac9f6052fe195a39ae95410ab4892a96e7bcb9cbaedbc06dfc4856cbf0a
ssdeep: 98304:+g8F//qvA9RrZN3o7Xxj48dysVatcA6WU:+Z1/0YNN4SgyvJk
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1E20601FE2248379CC41E88385033FD45B1B6152F4EE59AAE29DBFAD0779F810D642B52
sha3_384: 02308da6df6d5eb06e33e64000e8992525e62567959a4c443eb1cbb32d18ead97e00ccac6293ac0879bae3c48f99e1ea
ep_bytes: 6864e70134e860e62400957b4693b9d0
timestamp: 2022-11-09 01:58:05

Version Info:

0: [No Data]

Trojan.Win32.Fabookie.aqu also known as:

Elastic: malicious (high confidence)
FireEye: Generic.mg.f6ec52338fd06160
Cylance: Unsafe
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win64/Packed.VMProtect.L suspicious
APEX: Malicious
Kaspersky: Trojan.Win32.Fabookie.aqu
Avast: Win64:Malware-gen
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win64.Dropper.wc
Trapmine: suspicious.low.ml.score
Ikarus: Trojan.Win64.Agent
GData: Win64.Trojan.Agent.OL6M4C
Google: Detected
Avira: HEUR/AGEN.1210601
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C5302605
Acronis: suspicious
Malwarebytes: Spyware.Fabookie
Rising: Trojan.Fabookie!8.11C3D (TFE:5:BnL8TPz32vU)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W64/VMProtect.EEF8!tr
AVG: Win64:Malware-gen

How to remove Trojan.Win32.Fabookie.aqu?

Trojan.Win32.Fabookie.aqu removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
