Trojan

TrojanDownloader:Win32/Banload.AHC (file analysis)

Malware Removal

TrojanDownloader:Win32/Banload.AHC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Banload.AHC virus do?

  • Behavioural detection: executable code extraction (unpacking)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify TrojanDownloader:Win32/Banload.AHC?

File Info:

name: 6701043AFF305D499EDD.mlw
path: /opt/CAPEv2/storage/binaries/3dd836e593b3990688a6a6eeaab95e64e2e665368a4fed92041a3ac44ba84376
crc32: F72828BE
md5: 6701043aff305d499edd85cabf880198
sha1: 4db1f8a529c9afc3849beb43b40dbc1b8c399f4a
sha256: 3dd836e593b3990688a6a6eeaab95e64e2e665368a4fed92041a3ac44ba84376
sha512: 16ea75187dd9dcd4e9f00d6109634d87e1ee3db30699107ff39342330066df8bcc06577e3fa42408de076c6764ddfe5322e363361f8eb76f791531e62209b09e
ssdeep: 192:NjoMLMN9MZ/zKY9eWYvBqUlEhWMnvQbLDzgzDu4QJWVA:NjoMoezH9eDYUlQvQbLDkzDu4QJWVA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T163B28463A85C4037F18A8BF309378BF549267C212BA09E4B6D89BF2C1C7518369F561F
sha3_384: 852a5b7df3658960722fc395e1ff4922f74bd693eabdae849694bb4939e3d9cb72f451b88a50b7a35940e18c7e3e18ee
ep_bytes: 6864154000e8eeffffff000000000000
timestamp: 2011-09-09 13:40:35

Version Info:

Translation: 0x0409 0x04b0
CompanyName: Microsoft
ProductName: Judas
FileVersion: 1.00
ProductVersion: 1.00
InternalName: PontaDeJudas
OriginalFilename: PontaDeJudas.exe

TrojanDownloader:Win32/Banload.AHC also known as:

  • Bkav: W32.AIDetectMalware
  • Lionic: Trojan.Win32.Genome.a!c
  • Elastic: malicious (high confidence)
  • DrWeb: Trojan.DownLoad2.34947
  • MicroWorld-eScan: Gen:Trojan.Downloader.bm0@aqOjfIci
  • FireEye: Gen:Trojan.Downloader.bm0@aqOjfIci
  • Skyhigh: BehavesLike.Win32.Infected.mz
  • ALYac: Gen:Trojan.Downloader.bm0@aqOjfIci
  • VIPRE: Gen:Trojan.Downloader.bm0@aqOjfIci
  • Sangfor: Trojan.Win32.Downloader.Gen
  • CrowdStrike: win/malicious_confidence_70% (W)
  • BitDefender: Gen:Trojan.Downloader.bm0@aqOjfIci
  • K7GW: Trojan-Downloader ( 0055e3da1 )
  • K7AntiVirus: Trojan-Downloader ( 0055e3da1 )
  • BitDefenderTheta: AI:Packer.1CB0E5E01F
  • VirIT: Trojan.Win32.DownLoad2.BZSD
  • Symantec: Trojan.Gen
  • ESET-NOD32: a variant of Win32/TrojanDownloader.VB.PIG
  • APEX: Malicious
  • ClamAV: Win.Downloader.Barys-9869099-0
  • Kaspersky: Trojan-Downloader.Win32.Genome.ctpq
  • Alibaba: TrojanDownloader:Win32/Genome.9de5ec58
  • Rising: Downloader.VBEx!1.99EF (CLASSIC)
  • Sophos: Mal/VB-YZ
  • F-Secure: Trojan.TR/VB.Downloader.Gen
  • Zillya: Downloader.Genome.Win32.35517
  • TrendMicro: TROJ_GEN.F21EZL4
  • Emsisoft: Gen:Trojan.Downloader.bm0@aqOjfIci (B)
  • Ikarus: Trojan-Downloader.VB
  • MAX: malware (ai score=100)
  • Webroot: W32.Malware.Gen
  • Google: Detected
  • Avira: TR/VB.Downloader.Gen
  • Varist: W32/VB.CK_b.gen!Eldorado
  • Antiy-AVL: Trojan[Downloader]/Win32.Genome
  • Kingsoft: malware.kb.a.986
  • Microsoft: TrojanDownloader:Win32/Banload.AHC
  • Xcitium: TrojWare.Win32.TrojanDownloader.VB.PMEA@4rev5s
  • Arcabit: Trojan.Downloader.EDF7B8
  • ZoneAlarm: Trojan-Downloader.Win32.Genome.ctpq
  • GData: Gen:Trojan.Downloader.bm0@aqOjfIci
  • Cynet: Malicious (score: 99)
  • AhnLab-V3: Downloader/Win32.Genome.C52
  • McAfee: Artemis!6701043AFF30
  • DeepInstinct: MALICIOUS
  • VBA32: BScope.TrojanDownloader.Genome
  • Cylance: unsafe
  • Panda: Generic Malware
  • TrendMicro-HouseCall: TROJ_GEN.F21EZL4
  • Tencent: Win32.Trojan-Downloader.Genome.Qgil
  • Fortinet: W32/VB.ZIL!tr.dldr
  • AVG: Win32:Downloader-KFS [Trj]
  • Avast: Win32:Downloader-KFS [Trj]

How to remove TrojanDownloader:Win32/Banload.AHC?

TrojanDownloader:Win32/Banload.AHC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.