
What is “Trojan.Win32.Jimmy”?


Trojan.Win32.Jimmy is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Jimmy virus do?

  • Unconventional language used in binary resources: Korean
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan.Win32.Jimmy?


File Info:

name: C6F3E9C3A3CBAA9C606D.mlw
path: /opt/CAPEv2/storage/binaries/3fa94af5231940657dfb7f2dd9da49dc013d0e69d08b3afbf5bc1396610594d1
crc32: F5A325A2
md5: c6f3e9c3a3cbaa9c606d19733b982851
sha1: d9dc3f0aa6ebff0ba31ce0fd847788efb9f392eb
sha256: 3fa94af5231940657dfb7f2dd9da49dc013d0e69d08b3afbf5bc1396610594d1
sha512: 9b4ac514ad6c46ce205189d622dda74e1542585f4bff3212a1ba4673734b359f1a9d8f096ba8d40cfc40e4f1d729a7228891cbecf10882e67eb458243b380c17
ssdeep: 49152:5ao8e0Zli/ivyiSEl4X7yCy87F2AKx1IBS1SiFDiqJ5aJ8RqbKWxZBp/4Aa4uquB:Io8efElI1y87F2AKx1IBSwbKWxZBp/K
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10506AF11B1068039F8A311B28DBD2F5F952C9E100B5955D3E3C82D6EDAB56E33F3296B
sha3_384: 8ebae7bc61cc12d0143a7183d59a0b5ca791ea577507bfd7b06f0b06b601b013c39d1fdd02c7a75365edf45caa32a8b0
ep_bytes: e8a6060000e97afeffff8b4df464890d
timestamp: 2021-11-07 20:49:29

Version Info:

CompanyName: Ymir Entertainment
FileDescription: Metin2Client
FileVersion: 1.0.28249.1
InternalName: Metin2Client
LegalCopyright: Copyright (C) 2011
OriginalFilename: Metin2Client.exe
ProductName: Metin2Client
ProductVersion: 1, 0, 0, 1
Translation: 0x0800 0x03b5

Trojan.Win32.Jimmy also known as:

MicroWorld-eScan: Trojan.GenericKD.37981504
FireEye: Trojan.GenericKD.37981504
McAfee: Artemis!C6F3E9C3A3CB
Alibaba: Trojan:Win32/Jimmy.77a22775
TrendMicro-HouseCall: TROJ_GEN.R002C0WKG21
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Jimmy.gen
BitDefender: Trojan.GenericKD.37981504
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.37981504
Emsisoft: Trojan.GenericKD.37981504 (B)
F-Secure: Trojan.TR/Redcap.ykhka
TrendMicro: TROJ_GEN.R002C0WKG21
McAfee-GW-Edition: Artemis
GData: Trojan.GenericKD.37981504
Avira: TR/Redcap.ykhka
MAX: malware (ai score=84)
Arcabit: Trojan.Generic.D2438D40
Microsoft: Trojan:Win32/Wacatac.B!ml
VBA32: BScope.Trojan.Jimmy
ALYac: Trojan.GenericKD.37981504
Yandex: Trojan.Jimmy!Gi1Dt+hCnVc
MaxSecure: Trojan.Malware.115605871.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A

How to remove Trojan.Win32.Jimmy?

Trojan.Win32.Jimmy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
