How to remove “Trojan.Win32.Fsysna.gkkk”?

Trojan.Win32.Fsysna.gkkk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Fsysna.gkkk virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.Win32.Fsysna.gkkk?


File Info:

name: A5B0FB2BDB93A61F787D.mlw
path: /opt/CAPEv2/storage/binaries/f33c15818dbf43cbed14a9eefc5fef37f0e09c42047fcb4fd67cbf2240f0530f
crc32: C0288170
md5: a5b0fb2bdb93a61f787d94324da2ba92
sha1: 30342311195559313536c391462d3aba847b2a04
sha256: f33c15818dbf43cbed14a9eefc5fef37f0e09c42047fcb4fd67cbf2240f0530f
sha512: 5b528ed9e09a1ea2c9296647c57625d6df47978afff20aaa91ee89455afa96e76af7ed163a5e7d6d36279d4ed44bd9e1cf8c4fb5b6c00dcf9ee6be478a36973a
ssdeep: 24576:3Zm0k1q/o3tAzf0WqwHRUrlGdeQ3ntUp7rMj08g4iB4Vi3l299PTUqH5oEuIC6+m:3ZmBntnWv6xGdeUnc78I4iB4yuh5Hqbe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17E653346E2CB78C4F268D3F69673145C486AE5E2686A4773CCD8ACF64EC922B3C05D1D
sha3_384: f8a745dfb2f2bc234e73ec3bf10b9dc0e49c99981c51cfc2844bebba21d7a837cbef18d2439152db5fe12f216922bc54
ep_bytes: 60be005041008dbe00c0feff5789e58d
timestamp: 2012-12-30 08:49:49

Version Info:

CompanyName: Oleg N. Scherbakov
FileDescription: 7z Setup SFX (x86)
FileVersion: 1.5.0.2712
InternalName: 7ZSfxMod
LegalCopyright: Copyright © 2005-2012 Oleg N. Scherbakov
OriginalFilename: 7ZSfxMod_x86.exe
PrivateBuild: December 30, 2012
ProductName: 7-Zip SFX
ProductVersion: 1.5.0.2712
Translation: 0x0000 0x04b0

Trojan.Win32.Fsysna.gkkk also known as:

Alibaba: Trojan:Win32/Fsysna.ba940c2c
APEX: Malicious
Kaspersky: Trojan.Win32.Fsysna.gkkk
Rising: Malware.Heuristic!ET (C64:YzY0OosLhhXzIvbt)
Jiangmin: Trojan.Fsysna.map
Antiy-AVL: Trojan/Generic.ASMalwS.5406
VBA32: Trojan.Wacatac
Malwarebytes: Malware.Heuristic.1003
BitDefenderTheta: Gen:NN.ZexaE.34606.@u0@aO4!pNij

How to remove Trojan.Win32.Fsysna.gkkk?

Trojan.Win32.Fsysna.gkkk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
