What is “TrojanDownloader:Win32/Beebone.CR”?

TrojanDownloader:Win32/Beebone.CR is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Beebone.CR virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify TrojanDownloader:Win32/Beebone.CR?


File Info:

name: 8016C1A5D6D96BE85AB2.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-07-31 07:43:54

Version Info:

Translation: 0x0409 0x04b0
Comments: interregna
CompanyName: interregna
FileDescription: interregna
LegalCopyright: interregna
LegalTrademarks: interregna
ProductName: interregna
FileVersion: 0.10
ProductVersion: 0.10
InternalName: deresining
OriginalFilename: deresining.exe

TrojanDownloader:Win32/Beebone.CR also known as:

Bkav: W32.AIDetect.malware2
tehtris: Generic.Malware
DrWeb: Trojan.DownLoader6.37855
MicroWorld-eScan: Gen:Variant.Ursu.343789
FireEye: Generic.mg.8016c1a5d6d96be8
CAT-QuickHeal: Trojan.Beebone.D
ALYac: Gen:Variant.Ursu.343789
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 003c32e91 )
K7GW: Trojan ( 003c32e91 )
Cybereason: malicious.5d6d96
BitDefenderTheta: Gen:NN.ZevbaF.34742.dm0@ay6J3ugi
VirIT: Trojan.Win32.Generic.DOG
Cyren: W32/Downloader.DX.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/VBObfus.H
TrendMicro-HouseCall: TROJ_DOWNLOADER_CA083083.TOMC
Kaspersky: Worm.Win32.WBNA.ipa
BitDefender: Gen:Variant.Ursu.343789
NANO-Antivirus: Trojan.Win32.Jorik.covkle
SUPERAntiSpyware: Trojan.Agent/Gen-Dropper
Avast: Win32:VBCrypt-BJA [Trj]
Tencent: Malware.Win32.Gencirc.10c35525
Ad-Aware: Gen:Variant.Ursu.343789
Sophos: ML/PE-A + Mal/VBDldr-J
Comodo: TrojWare.Win32.TrojanDownloader.VB.BWUU@4pctrr
Baidu: Win32.Trojan.VBObfus.f
Zillya: Trojan.Jorik.Win32.114289
TrendMicro: TROJ_DOWNLOADER_CA083083.TOMC
McAfee-GW-Edition: Downloader-FDX!8016C1A5D6D9
Emsisoft: Gen:Variant.Ursu.343789 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Worm/WBNA.dfcd
Webroot: W32.Obfuscated.Gen
Avira: TR/Jorik.CP
MAX: malware (ai score=84)
Microsoft: TrojanDownloader:Win32/Beebone.CR
Arcabit: Trojan.Ursu.D53EED
GData: Gen:Variant.Ursu.343789
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.ZAccess.R34600
McAfee: Downloader-FDX!8016C1A5D6D9
VBA32: Trojan.ZAccess
APEX: Malicious
Yandex: Trojan.GenAsa!Ik16/qAQkCw
Ikarus: Trojan-PWS.Win32.Zbot
Fortinet: W32/VB.ZJU!tr.dldr
AVG: Win32:VBCrypt-BJA [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove TrojanDownloader:Win32/Beebone.CR?

TrojanDownloader:Win32/Beebone.CR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
