TrojanDownloader:Win32/Renos.PA removal instructions

TrojanDownloader:Win32/Renos.PA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Renos.PA virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify TrojanDownloader:Win32/Renos.PA?

File Info:

name: 3F25D08144DAF245120C.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

TrojanDownloader:Win32/Renos.PA also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.CodecPack.lmCO
MicroWorld-eScan: Gen:Variant.Graftor.6753
FireEye: Generic.mg.3f25d08144daf245
CAT-QuickHeal: Trojan.Renos.LX
Skyhigh: BehavesLike.Win32.Adware.ht
ALYac: Gen:Variant.Graftor.6753
Malwarebytes: Malware.AI.4186679045
VIPRE: Gen:Variant.Graftor.6753
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 004bcce41 )
BitDefender: Gen:Variant.Graftor.6753
K7GW: Trojan ( 004bcce41 )
Cybereason: malicious.d119b0
BitDefenderTheta: AI:Packer.951A124F21
VirIT: Trojan.Win32.Generic.CGZH
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.FakeAlert.BHY
APEX: Malicious
ClamAV: Win.Downloader.110312-1
Kaspersky: Trojan-Downloader.Win32.CodecPack.ahzb
Alibaba: TrojanDownloader:Win32/CodecPack.1c1bd431
NANO-Antivirus: Trojan.Win32.AgentIE.bunab
Rising: Trojan.Kazy!1.6834 (CLASSIC)
Sophos: Mal/EncPk-NS
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.Packed.21448
Zillya: Downloader.CodecPack.Win32.7747
TrendMicro: Mal_Renos-14
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Graftor.6753 (B)
Ikarus: Trojan-Downloader.Win32.CodecPack
GData: Gen:Variant.Graftor.6753
Jiangmin: TrojanDownloader.CodecPack.byv
Webroot: W32.Trojan.Gen
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Varist: W32/FakeAlert.LJ.gen!Eldorado
Antiy-AVL: Trojan[Downloader]/Win32.CodecPack.sjt
Kingsoft: Win32.Troj.Undef.a
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Trojan.Graftor.D1A61
ZoneAlarm: Trojan-Downloader.Win32.CodecPack.ahzb
Microsoft: TrojanDownloader:Win32/Renos.PA
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Renos.R2040
McAfee: Downloader-CEW.r
MAX: malware (ai score=100)
DeepInstinct: MALICIOUS
VBA32: Trojan-Downloader.23205
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Mal_Renos-14
Tencent: Win32.Trojan-Downloader.Codecpack.Anhl
Yandex: Trojan.GenAsa!h+wbswWlUZ8
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.CodecPack.Gen
Fortinet: W32/CodecPack.V!tr.dldr
AVG: Win32:Downloader-FRT [Trj]
Avast: Win32:Downloader-FRT [Trj]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove TrojanDownloader:Win32/Renos.PA?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.