TrojanDownloader:Win32/Adload.BO (file analysis)

TrojanDownloader:Win32/Adload.BO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Adload.BO virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid

How to identify TrojanDownloader:Win32/Adload.BO?


File Info:

name: B659876309EADE91BC44.mlw
path: /opt/CAPEv2/storage/binaries/1f45b172ba0847db90d8046233b0bae849c9112f7086b320249c452d968a44f0
crc32: 94C521CC
md5: b659876309eade91bc44378c0d8d1fa5
sha1: 5704ad9b1da7d221d7c46dedd0b61fcf03d3911e
sha256: 1f45b172ba0847db90d8046233b0bae849c9112f7086b320249c452d968a44f0
sha512: 80f67fde484766aae6764477ace68f6095de28337c7799d8fb8140e3665b9a1ad4408bbce3772e877695f3e47afc17924c9649d55e471a5a9ba4f349a1037179
ssdeep: 1536:HjqNNErnoLzGbK3T+Gh4doEhB0dpOozsFWfC+cZ:Hjq6Vmwk7zsFWfC+cZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15A73AE2374F38872F59240B114A54F3ADB3EFA2106629D97C7685FD96E30EA28236357
sha3_384: ed673b32d6f0103bf50d2cc7b039d28a5ef434379b25f29c8ae202b5fb09299660bca74356cae85b43372866fa3e9997
ep_bytes: 558bec6aff68b8c1400068d059400064
timestamp: 2010-12-23 05:30:41

Version Info:

Comments:
CompanyName: Microsoft Corporation
FileDescription: msconfig.exe
FileVersion: 5.3.3790.1840
InternalName: sqmdata.exe
LegalCopyright: Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: sqmdata.exe
PrivateBuild:
ProductName: Microsoft Windows Operating System
ProductVersion: 5.3.3790.1840
SpecialBuild:
Translation: 0x0804 0x04b0

TrojanDownloader:Win32/Adload.BO also known as:

Lionic: Adware.Win32.Generic.lpmS
DrWeb: Adware.Siggen.9916
MicroWorld-eScan: Gen:Variant.Adware.Symmi.19008
FireEye: Generic.mg.b659876309eade91
CAT-QuickHeal: Trojan.Mauvaise.SL1
Skyhigh: GenDownloader.nj
McAfee: GenDownloader.nj
VIPRE: Gen:Variant.Adware.Symmi.19008
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan-Downloader ( 0055e3da1 )
Alibaba: AdWare:Win32/Adload.34e35213
K7GW: Trojan-Downloader ( 0055e3da1 )
CrowdStrike: win/malicious_confidence_90% (D)
BitDefenderTheta: Gen:NN.ZexaF.36744.eq0@ai7@9peb
VirIT: Trojan.Win32.DownLoad2.BDXN
Symantec: Infostealer.Gampass
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.Adload.NFL
APEX: Malicious
ClamAV: Win.Trojan.Toopu-1
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Agent.gen
BitDefender: Gen:Variant.Adware.Symmi.19008
NANO-Antivirus: Trojan.Win32.Adload.cdvrn
Avast: Win32:Downloader-IGO [Trj]
Tencent: Malware.Win32.Gencirc.10b2b171
Emsisoft: Gen:Variant.Adware.Symmi.19008 (B)
F-Secure: Trojan.TR/Downloader.Gen
Zillya: Downloader.Adload.Win32.10028
TrendMicro: TROJ_ADLOAD.SMID
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
MAX: malware (ai score=100)
GData: Gen:Variant.Adware.Symmi.19008
Jiangmin: Adware/AdHelper.cv
Webroot:
Google: Detected
Avira: TR/Downloader.Gen
Varist: W32/OnlineGames.IK.gen!Eldorado
Antiy-AVL: Trojan[Downloader]/Win32.Adload
Kingsoft: malware.kb.a.1000
Xcitium: Malware@#1i3dbie8jbnwb
Arcabit: Trojan.Adware.Symmi.D4A40
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.Agent.gen
Microsoft: TrojanDownloader:Win32/Adload.BO
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.Gampass.R2792
VBA32: TrojanDownloader.Adload
ALYac: Gen:Variant.Adware.Symmi.19008
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_ADLOAD.SMID
Rising: Adware.AdLoad!1.6609 (CLASSIC)
Yandex: Trojan.GenAsa!dOHe1SnRlzE
Ikarus: Trojan-Downloader.SuspectCRC
MaxSecure: Downloader.W32.Agent.fyus
Fortinet: W32/Adload.NFL!tr.dldr
AVG: Win32:Downloader-IGO [Trj]
Cybereason: malicious.b1da7d
DeepInstinct: MALICIOUS

How to remove TrojanDownloader:Win32/Adload.BO?

TrojanDownloader:Win32/Adload.BO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.