Trojan.Win32.Pincav.bqrft (file analysis)

Malware Removal

Trojan.Win32.Pincav.bqrft is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Pincav.bqrft virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Korean
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process

How to identify Trojan.Win32.Pincav.bqrft?

File Info:

name: E599BDA5A08AF8F1A67A.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-07-18 06:30:28

Version Info:

Comments:
CompanyName: ITM SYSTEM
FileDescription: DllInj-Old Style
FileVersion: 3, 4, 0, 1
InternalName: DllInj
LegalCopyright: Copyright ITM SYSTEM
LegalTrademarks:
OriginalFilename: DllInj.exe
PrivateBuild:
ProductName: ITM SYSTEM DllInj-Old Style
ProductVersion: 3, 4, 0, 1
SpecialBuild:
Translation: 0x0409 0x04b0

Trojan.Win32.Pincav.bqrft also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Pincav.4!c
MicroWorld-eScan: Trojan.GenericKD.12523240
FireEye: Trojan.GenericKD.12523240
McAfee: Artemis!E599BDA5A08A
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.90193
Sangfor: Trojan.Win32.Pincav.8
Alibaba: Trojan:Win32/Pincav.6cf398b0
Cybereason: malicious.5a08af
BitDefenderTheta: Gen:NN.ZexaF.34606.kC0@a43vfnbG
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Pincav.bqrft
BitDefender: Trojan.GenericKD.12523240
NANO-Antivirus: Trojan.Win32.Pincav.euqbxo
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Pincav.Akov
Ad-Aware: Trojan.GenericKD.12523240
Emsisoft: Trojan.GenericKD.12523240 (B)
F-Secure: Heuristic.HEUR/AGEN.1241536
VIPRE: Trojan.GenericKD.12523240
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
GData: Trojan.GenericKD.12523240
Jiangmin: Trojan.Pincav.afl
Avira: HEUR/AGEN.1241536
MAX: malware (ai score=98)
Antiy-AVL: Trojan/Win32.Invader
Kingsoft: Win32.Troj.Undef.(kcloud)
Arcabit: Trojan.Generic.DBF16E8
ZoneAlarm: Trojan.Win32.Pincav.bqrft
Microsoft: Trojan:Win32/Occamy.C8B
Cynet: Malicious (score: 100)
VBA32: Trojan.Pincav
ALYac: Trojan.GenericKD.12523240
TACHYON: Trojan/W32.Pincav.176128.P
Malwarebytes: Malware.Heuristic.1001
Yandex: Trojan.GenAsa!1XSsOBbPIv8
MaxSecure: Trojan.Malware.74083141.susgen
Fortinet: PossibleThreat.SB!tr
AVG: Win32:Malware-gen

How to remove Trojan.Win32.Pincav.bqrft?

Trojan.Win32.Pincav.bqrft removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
