
TrojanDropper:Win32/Wykcores.A removal guide


TrojanDropper:Win32/Wykcores.A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the TrojanDropper:Win32/Wykcores.A virus do?

  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Deletes executed files from disk

How to identify TrojanDropper:Win32/Wykcores.A?


File Info:

name: D84BE729D6A502102B10.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

TrojanDropper:Win32/Wykcores.A also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Wykcores.m!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Dropped:Generic.Malware.F!dld!g.201949A6
FireEye: Generic.mg.d84be729d6a50210
Skyhigh: BehavesLike.Win32.Picsys.lh
McAfee: GenericRXQG-VY!D84BE729D6A5
Cylance: unsafe
Zillya: Trojan.Genome.Win32.42499
Sangfor: Trojan.Win32.Save.a
Alibaba: TrojanDropper:Win32/Wykcores.6697d4e0
K7GW: Trojan ( 0000024b1 )
K7AntiVirus: Trojan ( 0000024b1 )
BitDefenderTheta: AI:Packer.6719B3011F
Paloalto: generic.ml
Symantec: Backdoor.Trojan
ESET-NOD32: a variant of Win32/Wykcores.A
APEX: Malicious
TrendMicro-HouseCall: TROJ_DLLSERV.MCL
Avast: Win32:Trojan-gen
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Dropped:Generic.Malware.F!dld!g.201949A6
NANO-Antivirus: Trojan.Win32.TrjGen.bfkvct
Tencent: Win32.Trojan.Agen.Iajl
Emsisoft: Dropped:Generic.Malware.F!dld!g.201949A6 (B)
F-Secure: Heuristic.HEUR/AGEN.1327611
DrWeb: Trojan.Click1.19743
VIPRE: Dropped:Generic.Malware.F!dld!g.201949A6
TrendMicro: TROJ_DLLSERV.MCL
Trapmine: malicious.moderate.ml.score
Sophos: Troj/Wykcores-A
Ikarus: Trojan.Win32.Genome
Jiangmin: Trojan/Genome.enk
Webroot: W32.SisProc.Gen
Google: Detected
Avira: HEUR/AGEN.1327611
Varist: W32/Risk.LCMW-1576
Antiy-AVL: Trojan/Win32.Agent
Kingsoft: malware.kb.a.1000
Microsoft: TrojanDropper:Win32/Wykcores.A
Xcitium: Malware@#17mxvvrp88nh0
Arcabit: Generic.Malware.F!dld!g.201949A6
ViRobot: Trojan.Win.Z.Wykcores.72704
ZoneAlarm: Backdoor.Win32.Agent.anvj
GData: Dropped:Generic.Malware.F!dld!g.201949A6
Cynet: Malicious (score: 100)
AhnLab-V3: Backdoor/Win32.Etso.R9545
VBA32: BScope.TrojanDropper.Dorifel
ALYac: Dropped:Generic.Malware.F!dld!g.201949A6
TACHYON: Trojan/W32.DP-Genome.72704
Malwarebytes: Malware.AI.3473782836
Panda: Generic Malware
Rising: Backdoor.Agent!8.C5D (TFE:3:OIaOQUjPhNV)
Yandex: Trojan.GenAsa!v/m2Rwsn/d8
MAX: malware (ai score=99)
Fortinet: W32/Wykcores.A!tr
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
alibabacloud: Trojan.Win.UnkAgent

How to remove TrojanDropper:Win32/Wykcores.A?

TrojanDropper:Win32/Wykcores.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
