
TrojanDownloader:Win32/Zegost.E!bit removal instruction


TrojanDownloader:Win32/Zegost.E!bit is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Zegost.E!bit virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics

Related domains:

ref.tbfull.com

How to identify TrojanDownloader:Win32/Zegost.E!bit?

File Info:

crc32: D44EF0D9
md5: 5505be3775e3e36f7febf1ead3466c49
name: 5505BE3775E3E36F7FEBF1EAD3466C49.mlw
sha1: 64cd59e7b3b2ce8d621339141f5e65e045d51de9
sha256: f82d9c9ef620e2697abfcfed382706c5542f6eefdaa0223511899b04d2ae5bb2
sha512: 09642d47234d616600005ad0244ea44300db2c088c847f1ccc99f6a65d31ed4b67a3d1f0ceb3224ce7b762667ff45a784f2c5f82e30c6ca043da885fbed9a9cc
ssdeep: 12288:sb5DbPowllDRf9Ib2JONfUcri1RcQP2aJ:s9Dbg6lV9C2JOBUIc12aJ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

TrojanDownloader:Win32/Zegost.E!bit also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.Rootkit.22030
MicroWorld-eScan: DeepScan:Generic.Keylogger.2.D64E2F5B
FireEye: Generic.mg.5505be3775e3e36f
Qihoo-360: Generic/HEUR/QVM07.1.FC6C.Malware.Gen
ALYac: DeepScan:Generic.Keylogger.2.D64E2F5B
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Generic.lbym
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0055d4871 )
BitDefender: DeepScan:Generic.Keylogger.2.D64E2F5B
K7GW: Trojan ( 0055d4871 )
Cybereason: malicious.775e3e
BitDefenderTheta: AI:Packer.CEA186301F
Cyren: W32/Farfli.BI.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:BackdoorX-gen [Trj]
ClamAV: Win.Trojan.Farfli-7639977-0
Kaspersky: HEUR:Trojan.Win32.Generic
Alibaba: TrojanDownloader:Win32/Zegost.ce1b6b53
NANO-Antivirus: Trojan.Win32.Farfli.henrej
Tencent: Malware.Win32.Gencirc.10b9d217
Ad-Aware: DeepScan:Generic.Keylogger.2.D64E2F5B
Sophos: Mal/Generic-S
Comodo: Malware@#16t8xrk3xokst
F-Secure: Trojan.TR/Crypt.XPACK.Gen
TrendMicro: TROJ_GEN.R03BC0DLD20
McAfee-GW-Edition: BehavesLike.Win32.Emotet.fc
Emsisoft: DeepScan:Generic.Keylogger.2.D64E2F5B (B)
Ikarus: Backdoor.Win32.Shiz
GData: DeepScan:Generic.Keylogger.2.D64E2F5B
Jiangmin: Backdoor.Farfli.dmf
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan[Backdoor]/Win32.Farfli
Gridinsoft: Trojan.Win32.Downloader.oa
Arcabit: DeepScan:Generic.Keylogger.2.D64E2F5B
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: TrojanDownloader:Win32/Zegost.E!bit
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R333274
Acronis: suspicious
McAfee: GenericRXKB-WQ!5505BE3775E3
MAX: malware (ai score=84)
VBA32: Trojan.Rootkit
Malwarebytes: Backdoor.Farfli
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/Farfli.CTT
TrendMicro-HouseCall: TROJ_GEN.R03BC0DLD20
Rising: Backdoor.Zegost!8.177 (CLOUD)
Yandex: Trojan.Farfli!t7SwUQpNP0w
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_88%
Fortinet: W32/Generic.AP.34ACC4!tr
AVG: Win32:BackdoorX-gen [Trj]
CrowdStrike: win/malicious_confidence_70% (D)
MaxSecure: Trojan.Malware.82354649.susgen

How to remove TrojanDownloader:Win32/Zegost.E!bit?

TrojanDownloader:Win32/Zegost.E!bit removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
