TrojanSpy.TravNet removal

TrojanSpy.TravNet is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanSpy.TravNet virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Loads a driver
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Exhibits possible ransomware file modification behavior
  • Attempts to create or modify system certificates

Related domains:

cacerts.digicert.com

How to identify TrojanSpy.TravNet?

File Info:

crc32: A9D27078
md5: 12bfed40940ba9d68f463a79ac394273
name: Midiplus_Studio_v4.55.0_2018-11-09_setup.exe
sha1: dd3e3ac6b31a961295b195227b66d3b801495fba
sha256: 904502eeb1bff57b678757add34daaf5708e3215bad99b438c97c18b95055b2a
sha512: c7ff0810b6e55c2e0719330d81463324bc5f4eb817c7d71bf90b978363e83ab1c679928cfa519216fb438b2860275ef3d3b63c737db1632a4b388ba763fc9b6f
ssdeep: 49152:vB9V/LfjMlX7jmBX5dzS1KuqPFF6rCUDPa8vxSiyZIc7IY+RkhN:D9bMlmBbRqB8ithREN
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © 2016-2017
InternalName: STP
FileVersion: 1.12.0.0
CompanyName:
ProductName: Based on 7-Zip LZMA SDK 16.04
ProductVersion: 1.12.0.0 x86 release
FileDescription: Setup
OriginalFilename: STP
Translation: 0x0409 0x04b0

TrojanSpy.TravNet also known as:

Zillya: Trojan.TravNet.Win32.90
VBA32: TrojanSpy.TravNet
Yandex: TrojanSpy.TravNet!1w5sn8//9GM

How to remove TrojanSpy.TravNet?

TrojanSpy.TravNet removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
