Trojan

Trojan.Win32.Snojan.iih removal

Malware Removal

The Trojan.Win32.Snojan.iih is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Win32.Snojan.iih virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs

How to determine Trojan.Win32.Snojan.iih?



File Info:

crc32: 44A921FC
md5: 3097f918b32b4ede65fa9b0f81af7e33
name: d7gandadi.exe
sha1: 72a02069523c9ff92699fd764a64182afeefa1f0
sha256: 3f808458098a8c2d1e7b96f1b61d7b1576f819c6fe53daad3ca4b266485162a3
sha512: 3574954ef562196842314a54ef0c7cc0c5be1280552370b0c85de91e90f23c22696993ead2a5e041709d00a1b591b50835bfa3b052c403d57857a0d5d18f76af
ssdeep: 196608:ouAsY+S0Lxhd6bP9eyglcQiZbMJlo9nGptH2ziS7:o0BSFeygavpMJl3Haiy
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright:                                                                                                     
FileVersion:                     
CompanyName: dadi                                                        
Comments: x6b64x5b89x88c5x7a0bx5e8fx7531 Inno Setup x6784x5efax3002
ProductName: x300ax7b2cx4e03x611fx5927x5e95x5236x4f5cx5de5x5177x300bV2.13 x7248                                          
ProductVersion:                     
FileDescription: x300ax7b2cx4e03x611fx5927x5e95x5236x4f5cx5de5x5177x300bV2.13 x7248 Setup                                    
Translation: 0x0804 0x0000

Trojan.Win32.Snojan.iih also known as:

DrWebTrojan.DownLoader23.58750
McAfeeArtemis!3097F918B32B
CylanceUnsafe
SangforMalware
SymantecML.Attribute.HighConfidence
AvastWin32:Malware-gen
KasperskyTrojan.Win32.Snojan.iih
AlibabaTrojan:Win32/Snojan.b3dc7f8c
NANO-AntivirusTrojan.Win32.Snojan.elsidj
AegisLabTrojan.Win32.Snojan.4!c
TencentWin32.Trojan.Snojan.Ligt
SophosMal/Emogen-F
ComodoMalware@#1vkb94bsdxl4i
F-SecureTrojan.TR/Snojan.teemf
McAfee-GW-EditionBehavesLike.Win32.AdwareFileTour.rc
IkarusTrojan.Snojan
eGambitUnsafe.AI_Score_85%
AviraTR/Snojan.teemf
MAXmalware (ai score=96)
ZoneAlarmTrojan.Win32.Snojan.iih
MicrosoftTrojan:Win32/Occamy.C
VBA32Trojan.Snojan
RisingTrojan.Snojan!8.E387 (CLOUD)
MaxSecureTrojan.Malware.10612370.susgen
FortinetW32/Snojan.F!tr
AVGWin32:Malware-gen
Paloaltogeneric.ml

How to remove Trojan.Win32.Snojan.iih?

Trojan.Win32.Snojan.iih removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment