TrojanDropper:Win32/Gepys!pz information

TrojanDropper:Win32/Gepys!pz is classified as dangerous by many security vendors. While the infection is active, you may notice unfamiliar processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually can take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to run a complete scan and clean your PC.
6-day free trial available.

What can the TrojanDropper:Win32/Gepys!pz virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the EnigmaStub malware family
  • Touches a file containing cookies, possibly for information gathering
  • Collects information to fingerprint the system
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify TrojanDropper:Win32/Gepys!pz?

File Info:

name: EA0B3C9CCE7F801147C1.mlw
path: /opt/CAPEv2/storage/binaries/daad5654886c44844757cc57f603e6aaddad97fd02fdff53b7f25ffc9cd63add
crc32: A9EEFE7C
md5: ea0b3c9cce7f801147c147c05696a23c
sha1: 26c827111fe4c2fa3b64e6825690cf08df7453a5
sha256: daad5654886c44844757cc57f603e6aaddad97fd02fdff53b7f25ffc9cd63add
sha512: 609f85ee8f40e45a7d000718d1f679364059d4f4c007ed990a3e6b913e8d9b16b0299e52eb04bdf0ac272a9400b20d53dd1a250d01b89a3fd99cd70ad186bd09
ssdeep: 49152:nJ2DYS9JMo17CQHXVg6gci49c0+EtzB0D/1ldzdi+u:kDYXo17BXV7HhftBIzddE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18DC53340FB818D4AD49D9576C8A346A70AB9BE1A6457B4FB2C007B73DC731221877E8F
sha3_384: f726a36f16deac1718fde5eadfd6cb1d0c204fa3b048f685bb1835d366d77fbd695331e066646efeeb90aa41d8175ab0
ep_bytes: eb0800b204000000000060e800000000
timestamp: 2013-03-05 08:54:29

Version Info:

0: [No Data]

TrojanDropper:Win32/Gepys!pz is also known as (vendor: detection name):

  • Bkav: W32.AIDetectMalware
  • Lionic: Trojan.Win32.Gepys.j!c
  • AVG: Win32:Gepys-B [Trj]
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Trojan.Generic.35340919
  • FireEye: Generic.mg.ea0b3c9cce7f8011
  • Skyhigh: BehavesLike.Win32.Generic.vc
  • McAfee: Artemis!EA0B3C9CCE7F
  • Cylance: unsafe
  • Zillya: Trojan.ShipUp.Win32.16116
  • Sangfor: Suspicious.Win32.Save.ins
  • CrowdStrike: win/malicious_confidence_90% (D)
  • Alibaba: TrojanDropper:Win32/Gepys.8e87d2bf
  • K7GW: Trojan ( 0058c50b1 )
  • K7AntiVirus: Trojan ( 0058c50b1 )
  • BitDefenderTheta: Gen:NN.ZexaF.36802.AMZ@amtbnOii
  • Symantec: ML.Attribute.HighConfidence
  • tehtris: Generic.Malware
  • ESET-NOD32: a variant of Win64/Packed.Enigma.CE
  • Cynet: Malicious (score: 100)
  • APEX: Malicious
  • Kaspersky: HEUR:Trojan-Ransom.Win32.GandCrypt.pef
  • BitDefender: Trojan.Generic.35340919
  • Avast: Win32:Gepys-B [Trj]
  • Tencent: Malware.Win32.Gencirc.10bfbde4
  • Emsisoft: Trojan.Generic.35340919 (B)
  • F-Secure: Trojan.TR/Drop.Gepys.whnqb
  • VIPRE: Trojan.Generic.35340919
  • Trapmine: malicious.high.ml.score
  • Sophos: Mal/Generic-S
  • Ikarus: Trojan.Win64.Enigma
  • GData: Win32.Trojan.PSE.1IW07WR
  • Avira: TR/Drop.Gepys.whnqb
  • Antiy-AVL: Trojan[Packed]/Win64.Enigma
  • Arcabit: Trojan.Generic.D21B4277
  • ZoneAlarm: HEUR:Trojan-Ransom.Win32.GandCrypt.pef
  • Microsoft: TrojanDropper:Win32/Gepys!pz
  • Google: Detected
  • AhnLab-V3: Trojan/Win.Generic.R638969
  • VBA32: Trojan.Redirect
  • ALYac: Trojan.Generic.35340919
  • MAX: malware (ai score=86)
  • Malwarebytes: Generic.Malware/Suspicious
  • Rising: Trojan.Delf!8.67 (TFE:5:HKOyim908OD)
  • Yandex: Trojan.GenAsa!lMAkv7DkIls
  • MaxSecure: Trojan.Malware.300983.susgen
  • Zoner: Probably Heur.ExeHeaderL
  • DeepInstinct: MALICIOUS
  • alibabacloud: VirTool:Win/Packed.EnigmaProtector.Z(dyn)

How to remove TrojanDropper:Win32/Gepys!pz?

TrojanDropper:Win32/Gepys!pz removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.