How to remove “TrojanClicker:Win32/Tewand.A”?

TrojanClicker:Win32/Tewand.A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the TrojanClicker:Win32/Tewand.A virus do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • HTTPS urls from behavior.
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • A process attempted to delay the analysis task by a long amount of time.
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings

How to identify TrojanClicker:Win32/Tewand.A?


File Info:

name: 2F7EF21CF69BDF1DAB1F.mlw
path: /opt/CAPEv2/storage/binaries/fae59d49365f4da781825679994e097099916f5b2dd4e160f5be47f6517a49f8
crc32: DFFDB3D4
md5: 2f7ef21cf69bdf1dab1fbf70421e52cf
sha1: db6b8f2e2748c92b115397c0edc0c368b3b5ba59
sha256: fae59d49365f4da781825679994e097099916f5b2dd4e160f5be47f6517a49f8
sha512: 1e1f8612f031479e9042e15e4e2e3525c718391171daa349e474c696f8012329cc68bf42cfddd2eecb021331b1dd4cf82dc56c4d93f0e5a49b8c88b12d48010d
ssdeep: 96:trQGk0cD1tFQ87XD2tdu/wO0LiWfFyGyW9vbFWicREbFwVwoSAs:trRkz1t+oXD4q0LNFXyEgbIiVwbl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E6E1F88B1F6214B3C19F45B05817806E4ABE88352325C4F7DA33938CADE59C3B81C74B
sha3_384: 1d7b5cd0cb8ed36e65f7f774c77b061c4b181c3b2854392e57206f562ed84a21eff648ecb91944d3f62b841ca3a61673
ep_bytes: 558bec83e4f8b8e4110000e8d4000000
timestamp: 2011-10-04 14:07:09

Version Info:

0: [No Data]

TrojanClicker:Win32/Tewand.A also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Malware.S!dld!Z.E4359B29
FireEye: Generic.mg.2f7ef21cf69bdf1d
McAfee: Artemis!2F7EF21CF69B
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0015e4f01 )
Alibaba: TrojanClicker:Win32/Tewand.496c2579
K7GW: Riskware ( 0015e4f01 )
Cybereason: malicious.cf69bd
VirIT: Trojan.Win32.DownLoader5.RLS
Cyren: W32/Threat-HLLSI-based!Maximus
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Agent.REA
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Agent-1156170
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Generic.Malware.S!dld!Z.E4359B29
NANO-Antivirus: Trojan.Win32.Dwn.ksicw
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Generic.rzq
Ad-Aware: Generic.Malware.S!dld!Z.E4359B29
Sophos: Mal/Generic-S
Comodo: Suspicious@#18ec2lr2snlxz
DrWeb: Trojan.DownLoader5.11796
Zillya: Downloader.Agent.Win32.181535
TrendMicro: Mal_DLDER
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.zm
Emsisoft: Generic.Malware.S!dld!Z.E4359B29 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Generic.oiqd
eGambit: Unsafe.AI_Score_77%
Avira: TR/ATRAPS.Gen4
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.133D4B4
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: TrojanClicker:Win32/Tewand.A
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Generic.Malware.S!dld!Z.E4359B29
Cynet: Malicious (score: 100)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34212.amW@aqMsJ!e
ALYac: Generic.Malware.S!dld!Z.E4359B29
VBA32: BScope.Trojan.Downloader
TrendMicro-HouseCall: Mal_DLDER
Rising: Downloader.Agent!8.B23 (CLOUD)
Yandex: Trojan.GenAsa!CEiB7eozEBM
Ikarus: Win32.SuspectCrc
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Dx.BBPZ!tr
Webroot: W32.Malware.Gen
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove TrojanClicker:Win32/Tewand.A?

TrojanClicker:Win32/Tewand.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
