TrojanDownloader:Win32/Small.AABM malicious file

The TrojanDownloader:Win32/Small.AABM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What TrojanDownloader:Win32/Small.AABM virus can do?

Dynamic (imported) function loading detected
Performs HTTP requests potentially not found in PCAP.
HTTPS urls from behavior.
Authenticode signature is invalid

How to determine TrojanDownloader:Win32/Small.AABM?


File Info:
name: 23B06031ED42DB1801BF.mlw
path: /opt/CAPEv2/storage/binaries/f219a188346a40bf36931da57a2621b754abf104156cd5dfcb2c035ce79a6e2f
crc32: 85AFF13E
md5: 23b06031ed42db1801bfaa4cac54d0cb
sha1: 2eb1593c4e97f5f34b084b9c4e96b8229cb6a299
sha256: f219a188346a40bf36931da57a2621b754abf104156cd5dfcb2c035ce79a6e2f
sha512: 819c9faec3bc3c6c38f36580010b55ac2698b05925932666a4bf2c161513e410878cbb4bef86928df64e66c277b8e35786ded787811de9194f1d5dc09a589422
ssdeep: 96:cyRt7wRpHDQanhgdH5SgJiVPabF+kPtboynmf7j7+I85Z:cyQRp3hIIgYO+kP1oyn3IG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15BD12A271968D4B2D28E08F38C417AD1917319B15B71AB1F4E330A54BDF30E7871A2AB
sha3_384: f076bfabd56c230d22b8b9bd4d04f25b2de4f650e043b1a0843410d0374587c2fe21234c0d7f21eb82298f041f19eec6
ep_bytes: 558bec6aff686820400068901b400064
timestamp: 2010-07-19 17:47:26

Version Info:
0: [No Data]

TrojanDownloader:Win32/Small.AABM also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Stabs.lbg2
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Generic.4792466
FireEye	Generic.mg.23b06031ed42db18
ALYac	Trojan.Generic.4792466
Cylance	Unsafe
Sangfor	Trojan.Win32.Hexadom.A
Alibaba	TrojanDownloader:Win32/Hexadom.a8357b80
Cybereason	malicious.1ed42d
VirIT	Trojan.Win32.Small.ATCT
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/TrojanDownloader.Small.PCY
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Trojan.Small-14675
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Trojan.Generic.4792466
NANO-Antivirus	Trojan.Win32.Small.bmofl
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan-Downloader.Small.nnk
Ad-Aware	Trojan.Generic.4792466
Sophos	Mal/Generic-R + Troj/Small-EOF
Comodo	TrojWare.Win32.Small.dy101@4owfj5
F-Secure	Trojan.TR/Hexadom.A
DrWeb	Trojan.DownLoad2.44244
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Trojan.Generic.4792466 (B)
SentinelOne	Static AI – Suspicious PE
GData	Trojan.Generic.4792466
Jiangmin	TrojanDownloader.Small.ajkd
Webroot	W32.Malware.Gen
Avira	TR/Hexadom.A
Antiy-AVL	Trojan/Generic.ASMalwS.320354
Kingsoft	Win32.TrojDownloader.Small.at.(kcloud)
ViRobot	Trojan.Win32.A.Downloader.6656.FM
Microsoft	TrojanDownloader:Win32/Small.AABM
Cynet	Malicious (score: 100)
AhnLab-V3	Downloader/Win32.Small.C146478
McAfee	Artemis!23B06031ED42
MAX	malware (ai score=100)
VBA32	BScope.Trojan.Wacatac
Rising	Downloader.Small!8.B41 (CLOUD)
Yandex	Trojan.GenAsa!D8lJ4EVqAlM
Ikarus	Trojan-Downloader.Win32.Small
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Small.ATCT!tr.dldr
BitDefenderTheta	Gen:NN.ZexaF.34606.amW@a4SE4zm
AVG	Win32:Trojan-gen
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_70% (W)

How to remove TrojanDownloader:Win32/Small.AABM?

TrojanDownloader:Win32/Small.AABM removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X