Trojan.Win32.Fsysna.ibue removal tips

Trojan.Win32.Fsysna.ibue is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Fsysna.ibue virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Korean
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • Created a service that was not started
  • Anomalous binary characteristics

How to identify Trojan.Win32.Fsysna.ibue?


File Info:

name: 873D451F9C87777E1134.mlw
path: /opt/CAPEv2/storage/binaries/468b6134fbc72d2d54a4dae1098d4c59c03aefbe880940a625f9f600b52636e5
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-03-03 15:00:56

Version Info:

0: [No Data]

Trojan.Win32.Fsysna.ibue also known as:

Bkav: W32.AIDetect.malware2
FireEye: Generic.mg.873d451f9c87777e
Cylance: Unsafe
Alibaba: Trojan:Win32/Fsysna.7e44252b
Kaspersky: Trojan.Win32.Fsysna.ibue
Tencent: Win32.Trojan.Fsysna.Dzjx
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.wc
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: PUA:Win32/Puamson.A!ml
McAfee: Artemis!873D451F9C87
APEX: Malicious
SentinelOne: Static AI – Malicious PE

How to remove Trojan.Win32.Fsysna.ibue?

Trojan.Win32.Fsysna.ibue removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
