About “Trojan.Win32.Genome.dfab” infection

Trojan.Win32.Genome.dfab is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Genome.dfab virus do?

  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify Trojan.Win32.Genome.dfab?

File Info:

crc32: 6B0ACEAF
md5: 8a23137ebaa9263a46372eb418101247
name: 8A23137EBAA9263A46372EB418101247.mlw
sha1: a4dbaf7a4a6316a97d62d9b19668de99ef741bc6
sha256: 085cf335396bbb37856b7f4ca6bead5e1e1e02aad6dbe39299036869f894182e
sha512: 960dd2ba93f31b1ff6948ac9ccdabf7cdd54e466758a140ddd1ee3f7adfeb80227a05a364252dc63e0e37d4747ecb535df22147a627c1f7c473d4d771ec2df64
ssdeep: 6144:nsaY8p9zvCu3VEeSFdeg9KD6WrqHErvBNWY44+jOEq+ZqXZ+809veTC1ArFOPbUi:nsaY8rqu6e+decKD6WrJrpNsjnqXZ+8o
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

0: [No Data]

Trojan.Win32.Genome.dfab also known as:

  • K7AntiVirus: Trojan ( 0030b2a81 )
  • Elastic: malicious (high confidence)
  • DrWeb: Trojan.MulDrop.32183
  • Cynet: Malicious (score: 100)
  • CAT-QuickHeal: Trojan.Agent.8142
  • Cylance: Unsafe
  • Zillya: Dropper.Agent.Win32.379508
  • Sangfor: Trojan.Win32.Save.a
  • CrowdStrike: win/malicious_confidence_90% (D)
  • K7GW: Trojan ( 0030b2a81 )
  • Cybereason: malicious.a4a631
  • Baidu: Win32.Trojan-Dropper.Agent.v
  • Cyren: W32/Agent.FI.gen!Eldorado
  • Symantec: SMG.Heur!gen
  • ESET-NOD32: a variant of Win32/TrojanDropper.Agent.OBM
  • Zoner: Trojan.Win32.36891
  • APEX: Malicious
  • Avast: Win32:Rootkit-gen [Rtk]
  • ClamAV: Win.Dropper.Ramnit-7081815-0
  • Kaspersky: Trojan-Dropper.Win32.Agent.gato
  • NANO-Antivirus: Trojan.Win32.Crypter.wpmb
  • ViRobot: Backdoor.Win32.Hupigon.48640.I
  • SUPERAntiSpyware: Trojan.Agent/Gen-Hugipon
  • Tencent: Trojan.Win32.Dropper.abh
  • Sophos: ML/PE-A + Troj/Mdrop-CGE
  • Comodo: TrojWare.Win32.TrojanDropper.Agent.~VQ@13ntw0
  • BitDefenderTheta: Gen:NN.ZexaCO.34722.vmJfaWhQ1Kbb
  • VIPRE: TrojanDropper.Win32.Agent.DO (v)
  • TrendMicro: TROJ_AGENT.SMX
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
  • FireEye: Generic.mg.8a23137ebaa9263a
  • Emsisoft: Trojan.Agent (A)
  • SentinelOne: Static AI – Malicious PE
  • Jiangmin: TrojanDropper.Crypter.gg
  • Avira: TR/Dropper.Gen
  • eGambit: Unsafe.AI_Score_100%
  • Antiy-AVL: Trojan/Generic.ASMalwS.8120
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • Gridinsoft: Trojan.Win32.Agent.vb!s2
  • GData: Win32.Trojan.PSE.10CLGDP
  • AhnLab-V3: Dropper/Win32.Crypter.R3134
  • McAfee: generic!bg.fgl
  • VBA32: Trojan.Win32.Genome.dfab
  • Malwarebytes: Ransom.Cerber
  • Panda: Trj/Genetic.gen
  • TrendMicro-HouseCall: TROJ_AGENT.SMX
  • Rising: Trojan.Lock!1.B303 (CLASSIC)
  • Yandex: Trojan.GenAsa!MLVuNpIpKLw
  • Ikarus: Trojan-Downloader.Win32.Unruy
  • Fortinet: W32/Generic.AC.12FB!tr
  • AVG: Win32:Rootkit-gen [Rtk]

How to remove Trojan.Win32.Genome.dfab?

Trojan.Win32.Genome.dfab removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.