
TrojanDownloader:Win32/Tinub.C removal


TrojanDownloader:Win32/Tinub.C is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Tinub.C virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering

How to identify TrojanDownloader:Win32/Tinub.C?


File Info:

name: EE3E0ECABE5D65C9BA7F.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-10-16 00:49:31

Version Info:

Translation: 0x0804 0x04b0
CompanyName: nn1I4
ProductName: gaar
FileVersion: 1.00
ProductVersion: 1.00
InternalName: gaar
OriginalFilename: gaar.exe

TrojanDownloader:Win32/Tinub.C is also known as:

Bkav: W32.AIDetectMalware
MicroWorld-eScan: Gen:Variant.Jaik.69165
FireEye: Generic.mg.ee3e0ecabe5d65c9
CAT-QuickHeal: Trojan.ClickerAgent.A3
McAfee: Trojan-FFJD!EE3E0ECABE5D
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 005431f21 )
K7AntiVirus: Trojan ( 005431f21 )
BitDefenderTheta: Gen:NN.ZevbaF.36250.bm0@aiOn4odb
Cyren: W32/S-7e93c2da!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.VB.QQP
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Jaik.69165
Avast: Win32:Downloader-VSU [Trj]
Emsisoft: Gen:Variant.Jaik.69165 (B)
Baidu: Win32.Trojan-Downloader.VB.r
F-Secure: Trojan.TR/VB.Downloader.Gen4
VIPRE: Gen:Variant.Jaik.69165
McAfee-GW-Edition: Trojan-FFJD!EE3E0ECABE5D
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A
GData: Gen:Variant.Jaik.69165
Avira: TR/VB.Downloader.Gen4
Xcitium: TrojWare.Win32.TrojanDownloader.Agent.QQK@5t917t
Arcabit: Trojan.Jaik.D10E2D
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: TrojanDownloader:Win32/Tinub.C
Google: Detected
AhnLab-V3: Trojan/Win32.Vobfus.R129859
ALYac: Gen:Variant.Jaik.69165
MAX: malware (ai score=86)
Panda: Trj/CI.A
Ikarus: Trojan-Downloader.Win32.VB
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/VBObfus.M!tr
AVG: Win32:Downloader-VSU [Trj]
DeepInstinct: MALICIOUS

How to remove TrojanDownloader:Win32/Tinub.C?

TrojanDownloader:Win32/Tinub.C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
