TrojanDownloader:Linux/ShWg.YB!MTB removal

TrojanDownloader:Linux/ShWg.YB!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the TrojanDownloader:Linux/ShWg.YB!MTB virus do?

  • Injection (inter-process)
  • Injection with CreateRemoteThread in a remote process
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • A potential decoy document was displayed to the user
  • Network activity detected but not expressed in API logs
  • Harvests information related to installed mail clients

How to identify TrojanDownloader:Linux/ShWg.YB!MTB?

File Info:

crc32: A01865E9
md5: a888b03f4a71c6a6d0df4dc3b0350448
name: tmpac44vooy
sha1: 7e811984d56d7ee3022e8cd1b9b1a2a33578b9b0
sha256: b296a7d19ef6ea942430d5db7ee72804122185e348947892b846241527c28420
sha512: 15e14b84f6476066e37812b7a26b9e6773a6bdc7645bfc351f63271ed7ebed1715d1b2a80345a07215ac6dfa948b07e9d4849b56dba88f0bf80cb8ff8dcda34f
ssdeep: 24:vuBEoR94pSkOlhpxUQHphWhRpvCCjsBPu:vuyoRu5Gh3+Zjshu
type: Bourne-Again shell script, ASCII text executable

TrojanDownloader:Linux/ShWg.YB!MTB is also known as:

DrWeb: Linux.DownLoader.664
MicroWorld-eScan: Generic.Bash.MiraiA.5FE79A16
FireEye: Generic.Bash.MiraiA.5FE79A16
ALYac: Generic.Bash.MiraiA.5FE79A16
Arcabit: Generic.Bash.MiraiA.5FE79A16
ESET-NOD32: Linux/TrojanDownloader.SH.S
TrendMicro-HouseCall: ELF_MIRAILOD.SM
Avast: BV:Downloader-AAN [Drp]
Kaspersky: HEUR:Trojan-Downloader.Shell.Agent.p
BitDefender: Generic.Bash.MiraiA.5FE79A16
NANO-Antivirus: Trojan.Script.Downloader.fjajjs
Tencent: Heur:Trojan.Linux.Downloader.e
Ad-Aware: Generic.Bash.MiraiA.5FE79A16
Emsisoft: Generic.Bash.MiraiA.5FE79A16 (B)
Comodo: TrojWare.Script.TrojanDownloader.Agent.D@7qvmcx
F-Secure: Malware.HTML/ExpKit.Gen2
TrendMicro: ELF_MIRAILOD.SM
McAfee-GW-Edition: Linux/Downloader.k
Sophos: Mal/ShellDl-A
Ikarus: Trojan-Downloader.Linux.Sh
Avira: HTML/ExpKit.Gen2
Fortinet: BASH/MiraiA.SHELL!tr.dldr
Microsoft: TrojanDownloader:Linux/ShWg.YB!MTB
AhnLab-V3: Shell/ElfDownloader.S1
ZoneAlarm: HEUR:Trojan-Downloader.Shell.Agent.p
Cynet: Malicious (score: 85)
McAfee: Linux/Downloader.k
MAX: malware (ai score=81)
GData: Generic.Bash.MiraiA.5FE79A16
AVG: BV:Downloader-AAN [Drp]

How to remove TrojanDownloader:Linux/ShWg.YB!MTB?

TrojanDownloader:Linux/ShWg.YB!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.