Trojan.Win32.Scar.szhm removal guide

Trojan.Win32.Scar.szhm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Scar.szhm virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Deletes executed files from disk
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Win32.Scar.szhm?


File Info:

name: B30C247FCC08652B6F2F.mlw
path: /opt/CAPEv2/storage/binaries/654d0288b53db49a0b4d4fb6e1a4c1465680555fab8684aeaa21cd063912b141
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-06-09 13:19:49

Version Info:

0: [No Data]

Trojan.Win32.Scar.szhm also known as:

Bkav: W32.Common.A859E6CA
DrWeb: Program.RemoteAdmin.690
Alibaba: Trojan:Win32/Generic.517a3440
CrowdStrike: win/grayware_confidence_90% (D)
Kaspersky: Trojan.Win32.Scar.szhm
NANO-Antivirus: Riskware.Win32.RemoteAdmin.fizidm
Jiangmin: RemoteAdmin.WinVNC-based.dv
Kingsoft: Win32.Trojan.Scar.a
ZoneAlarm: Trojan.Win32.Scar.szhm
MaxSecure: Trojan.Malware.15025.susgen
Fortinet: Riskware/Application
alibabacloud: Trojan:Win/Scar.szhm

How to remove Trojan.Win32.Scar.szhm?

Trojan.Win32.Scar.szhm removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.