
Trojan.Win32.PyArmid removal guide


Trojan.Win32.PyArmid is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.PyArmid virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Executable file is packed/obfuscated with Themida
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Win32.PyArmid?


File Info:

name: 79F72180A342FDF09187.mlw
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan.Win32.PyArmid also known as:

Bkav: W32.Common.ECCAE1C6
Lionic: Trojan.Win32.PyArmid.4!c
Elastic: malicious (high confidence)
FireEye: Generic.mg.79f72180a342fdf0
McAfee: Artemis!79F72180A342
Sangfor: Packer.Win32.Themida.swycg
CrowdStrike: win/malicious_confidence_60% (W)
Symantec: ML.Attribute.HighConfidence
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.PyArmid.gen
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Evo-gen [Trj]
Rising: Trojan.PyArmid!8.1842C (TFE:5:yNC9ZMVWgeR)
Webroot: W32.Malware.Gen
Antiy-AVL: Trojan/Win32.PyArmid
ZoneAlarm: HEUR:Trojan.Win32.PyArmid.gen
VBA32: BScope.Trojan.Witch
Cylance: unsafe
Tencent: Malware.Win32.Gencirc.13ccbf61
MaxSecure: Trojan.Malware.209402199.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan.Win32.PyArmid?

Trojan.Win32.PyArmid removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
