Categories: Trojan

TrojanDownloader:Win32/Banload.APW malicious file

The TrojanDownloader:Win32/Banload.APW is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you fully scan and clean your PC during the trial period.
6-day free trial available.

What TrojanDownloader:Win32/Banload.APW virus can do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Drops a binary and executes it
  • Unconventional binary language: Portuguese (Brazil)
  • Unconventional language used in binary resources: Portuguese (Brazilian)
  • Uses Windows utilities for basic functionality
  • Checks for the presence of known windows from debuggers and forensic tools
  • Network activity contains more than one unique useragent.
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Clears web history

Related domains:

lancamentos.sh06.com

How to determine TrojanDownloader:Win32/Banload.APW?

File Info:

crc32: F19929E2
md5: d5b167750c9f4a67e99801f08fdb267e
name: D5B167750C9F4A67E99801F08FDB267E.mlw
sha1: 2fadd7c44ce3477b8f991523569769bcb8537d0f
sha256: 81f3c76e7fa67db695f25572d4e833d70e44b7ad839fe9578bd4c911033688aa
sha512: 2db250a27075d7e9e43eebffdbd2355096f1f2be8f46229117e91800a9b8e4b056ccd42a390f06f4eb3190809348f744a49c6c4b917cd057d8f9ffcea84bdf72
ssdeep: 6144:EY3XM8biH2Jee4NupNLQZeZv/hlmxh+AT1N8ovaqyiE86JqzOOhexhoB9Cml:9M8biWJR4s5rmquN8oEJKOHg9CM
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
InternalName:
FileVersion: 1.0.0.2
CompanyName: FREE
LegalTrademarks:
Comments: Free componente
ProductName: Update
ProductVersion: 1.0.0.0
FileDescription:
OriginalFilename:
Translation: 0x0416 0x04e4

TrojanDownloader:Win32/Banload.APW also known as:

Elastic malicious (high confidence)
MicroWorld-eScan Trojan.Crypt.Delf.X
FireEye Generic.mg.d5b167750c9f4a67
ALYac Trojan.Crypt.Delf.X
Cylance Unsafe
Zillya Downloader.Banload.Win32.43986
Sangfor Trojan.Win32.Banload.APW
Alibaba TrojanDownloader:Win32/Banload.5eb681ff
Cybereason malicious.50c9f4
Arcabit Trojan.Crypt.Delf.X
Cyren W32/Backdoor.LUNA-9180
Symantec Downloader.Bancos!gen
APEX Malicious
Avast Win32:Dropper-gen [Drp]
Kaspersky HEUR:Trojan-Downloader.Win32.Generic
BitDefender Trojan.Crypt.Delf.X
NANO-Antivirus Trojan.Win32.Banload.bbaihb
Paloalto generic.ml
Rising Spyware.Delf!8.12D (TFE:3:IA8enHU3GUK)
Ad-Aware Trojan.Crypt.Delf.X
Sophos Mal/Generic-R + Mal/Banloa-A
Comodo Malware@#zmmh43fn5xh2
F-Secure Trojan.TR/Dldr.Banloa.EV.1
DrWeb Trojan.DownLoader7.7745
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_BANLOAD.GNM
McAfee-GW-Edition Generic.dx!D5B167750C9F
Emsisoft Trojan.Crypt.Delf.X (B)
Jiangmin TrojanDownloader.Generic.afhh
Webroot W32.Malware.Downloader
Avira TR/Dldr.Banloa.EV.1
eGambit Unsafe.AI_Score_92%
Antiy-AVL Trojan[Downloader]/Win32.Unknown
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Trojan.Win32.Downloader.oa
Microsoft TrojanDownloader:Win32/Banload.APW
AegisLab Trojan.Win32.Generic.a!c
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Trojan.Crypt.Delf.X
Cynet Malicious (score: 85)
McAfee Generic.dx!D5B167750C9F
MAX malware (ai score=89)
VBA32 suspected of Trojan.Downloader.gen.h
Malwarebytes Generic.Malware/Suspicious
ESET-NOD32 a variant of Win32/TrojanDownloader.Banload.RNU
TrendMicro-HouseCall TROJ_BANLOAD.GNM
Tencent Win32.Trojan-downloader.Generic.Wsjp
Yandex Trojan.GenAsa!WrVygL2O+Gg
Ikarus Trojan.Win32.Spy
Fortinet W32/Delf.RUN!tr.dldr
BitDefenderTheta AI:Packer.2412432D21
AVG Win32:Dropper-gen [Drp]
Panda Trj/Genetic.gen
Qihoo-360 Generic/Trojan.d3e

How to remove TrojanDownloader:Win32/Banload.APW?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
