Adware Reports malware removal guides and threat research Updated security instructions for Windows users
Home/Trojan
Threat report

How to remove “TrojanDownloader:Win32/Beebone.JS”?

Published May 5, 2024 Trojan category 3 min read
Report context

What to verify before removal

Use this report for a controlled check of How to remove “TrojanDownloader:Win32/Beebone.JS”? when the affected machine shows suspicious processes, dropped files, or payload delivery behavior. The goal is to verify the exact file and persistence path before quarantine.

Start by comparing the local file name with D2677066280276732A10.mlw, then review the behavior notes for persistence entries, dropped files, unusual processes, and browser or network changes. This helps separate a matching detection from a different file that only shares a similar alert name.

Observed file
D2677066280276732A10.mlw
  • Compare the suspicious file name with D2677066280276732A10.mlw.
  • Confirm the detection name matches How to remove “TrojanDownloader:Win32/Beebone.JS”? before removing related files.
  • Review the report for persistence entries, dropped files, unusual processes, and browser or network changes so the cleanup is based on observed behavior, not only the label.
  • Run a full scan, quarantine confirmed detections, and restart before signing back in to sensitive accounts.

The TrojanDownloader:Win32/Beebone.JS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

What TrojanDownloader:Win32/Beebone.JS virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine TrojanDownloader:Win32/Beebone.JS?



File Info:

name: D2677066280276732A10.mlw
path: /opt/CAPEv2/storage/binaries/30485d39f41de925c57165e3f0dbec32040e9346f7bb53948ebef4c8d210cdbf
crc32: 3A5A2BFE
md5: d2677066280276732a10f47bd90a5c2d
sha1: 6a97fb2e91aa2501bc456a327156509d821d123b
sha256: 30485d39f41de925c57165e3f0dbec32040e9346f7bb53948ebef4c8d210cdbf
sha512: 3ed87c957ff89dd631f88ff334458ff5dc6ea41199602076060ed2c3ea9d3a943c69882f683d6abf418128c2c7690a81a673a15f84eeb73b4e967ffaa479f6a8
ssdeep: 768:v+RQSY12X5DQGKCpy5zI/VcUY/CSXQ6Nhirqbbm0tgS:v+w10QGKCp4mGCV6OyFZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T129333B21A214C0BFF518C2F21D29C59938697E340BD0AD87BAC96FAC157199B78F1B1F
sha3_384: db28197a6fb351c9574e85659d7466e801700c9a574ab415d1328abcf27b864421a27a8acf51c8d7af4c9664e73319da
ep_bytes: 68e0194000e8f0ffffff000000000000
timestamp: 1970-01-01 00:00:00


Version Info:

LegalCopyright: ymmzoj
LegalTrademarks: iognh
ProductName: ofvzrd
FileVersion: 6.92
ProductVersion: 6.92
InternalName: mtzpham
OriginalFilename: mtzpham.exe

TrojanDownloader:Win32/Beebone.JS also known as:

Bkav W32.AIDetectMalware
Lionic Worm.Win32.Luder.o!c
Elastic malicious (high confidence)
DrWeb Trojan.DownLoader9.33267
MicroWorld-eScan Gen:Variant.Symmi.27262
FireEye Generic.mg.d267706628027673
CAT-QuickHeal Trojan.Beebone.D
Skyhigh BehavesLike.Win32.VBObfus.qm
McAfee VBObfus.g
Malwarebytes Malware.AI.3673861357
Zillya Trojan.Luder.Win32.15
Sangfor Suspicious.Win32.Save.vb
K7AntiVirus EmailWorm ( 0040f5291 )
Alibaba Worm:Win32/Luder.a6d5f0c1
K7GW EmailWorm ( 0040f5291 )
BitDefenderTheta Gen:NN.ZevbaF.36804.dm0@aquI8zbi
Symantec W32.Changeup!gen44
tehtris Generic.Malware
ESET-NOD32 a variant of Win32/VBObfus.QF
APEX Malicious
TrendMicro-HouseCall TROJ_GEN.R002C0CBE24
Avast Win32:Evo-gen [Trj]
Kaspersky Worm.Win32.Luder.btax
BitDefender Gen:Variant.Symmi.27262
NANO-Antivirus Trojan.Win32.Luder.dydisu
Tencent Win32.Worm.Luder.Ychl
Emsisoft Gen:Variant.Symmi.27262 (B)
Google Detected
F-Secure Trojan.TR/Beebone.5324812
VIPRE Gen:Variant.Symmi.27262
TrendMicro TROJ_GEN.R002C0CBE24
Trapmine malicious.moderate.ml.score
Sophos Mal/Generic-S
Paloalto generic.ml
Varist W32/Vobfus.JO.gen!Eldorado
Avira TR/Beebone.5324812
MAX malware (ai score=100)
Antiy-AVL Worm/Win32.WBNA.gen
Kingsoft Win32.Worm.Luder.btax
Microsoft TrojanDownloader:Win32/Beebone.JS
Xcitium TrojWare.Win32.Beebone.AIG@4zlikc
Arcabit Trojan.Symmi.D6A7E
ZoneAlarm Worm.Win32.Luder.btax
GData Gen:Variant.Symmi.27262
Cynet Malicious (score: 99)
AhnLab-V3 Trojan/Win32.Vobfus.R71451
VBA32 BScope.Worm.Luder
ALYac Gen:Variant.Symmi.27262
Cylance unsafe
Panda W32/Vobfus.GEW.worm
Rising Worm.Luder!8.1388 (TFE:3:QbzgCcvHojQ)
Yandex Trojan.GenAsa!5ALQ8tOiqhI
Ikarus Trojan-Downloader.Win32.Beebone
MaxSecure Trojan.Malware.5851039.susgen
Fortinet W32/Refroso.AGEA!tr
AVG Win32:Evo-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Worm:Win/VBObfus.QF

How to remove TrojanDownloader:Win32/Beebone.JS?

Recommended second-opinion scan

Verify the infection before changing system settings

Use GridinSoft Anti-Malware to run a full scan, review detected persistence entries, and quarantine confirmed threats before restarting Windows.

Download GridinSoft Anti-Malware
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.