Trojan.Win32.Mucc.rzm (file analysis)

The Trojan.Win32.Mucc.rzm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Win32.Mucc.rzm virus can do?

Executable code extraction
Creates RWX memory
Unconventionial language used in binary resources: Chinese (Traditional)
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Trojan.Win32.Mucc.rzm?


File Info:
crc32: A2275EC1
md5: 3a27f66a430a3b54d24fb8f75e837175
name: 3A27F66A430A3B54D24FB8F75E837175.mlw
sha1: 4af41cd66669d3c2307c1b5af5c198778d174826
sha256: dd996392170826c47b9ab378464423e470a1bdfdff7bcd183c61e3e7896d4326
sha512: 2be02118a3affd640c2b1489816cd396ad3d1af6ab229a3a86bcc20f695445777c1146ffc7488b5bc664d16a6283a3bfa3256758804c2d0851a2bd261c1e1034
ssdeep: 768:tCbCZDdDSaAhQ41sPuTPfBcrGemB0KxtNavGJluWmqzYlf5sh/YDtOika:twCDDt41hO9mBHp88CmQua
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0404 0x04b0
LegalCopyright: ChatSwipe 
InternalName: AFFEJENDES
FileVersion: 4.04.0001
CompanyName: ChatSwipe 
LegalTrademarks: ChatSwipe 
Comments: ChatSwipe 
ProductName: ChatSwipe 
ProductVersion: 4.04.0001
FileDescription: ChatSwipe 
OriginalFilename: AFFEJENDES.exe

Trojan.Win32.Mucc.rzm also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (W)
Cyren	W32/VBKrypt.BAQ.gen!Eldorado
ESET-NOD32	a variant of Win32/Injector.EQEE
APEX	Malicious
Avast	FileRepMalware
Kaspersky	Trojan.Win32.Mucc.rzm
BitDefender	Trojan.GenericKD.37664314
MicroWorld-eScan	Trojan.GenericKD.37664314
Ad-Aware	Trojan.GenericKD.37664314
BitDefenderTheta	Gen:NN.ZevbaF.34170.fm0@aeLvpugb
McAfee-GW-Edition	BehavesLike.Win32.Trojan.mm
FireEye	Generic.mg.3a27f66a430a3b54
Emsisoft	Trojan.GenericKD.37664314 (B)
eGambit	Unsafe.AI_Score_99%
Kingsoft	Win32.Troj.Mucc.r.(kcloud)
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Arcabit	Trojan.Generic.D23EB63A
ZoneAlarm	Trojan.Win32.Mucc.rzm
GData	Trojan.GenericKD.37664314
McAfee	Artemis!3A27F66A430A
MAX	malware (ai score=83)
Malwarebytes	MachineLearning/Anomalous.94%
TrendMicro-HouseCall	TROJ_GEN.F0D1C00IR21
Ikarus	Trojan.Win32.Injector
Fortinet	W32/PossibleThreat
AVG	FileRepMalware

How to remove Trojan.Win32.Mucc.rzm?

Trojan.Win32.Mucc.rzm removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X