TrojanSpy:Win32/Delf!A removal guide

TrojanSpy:Win32/Delf!A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanSpy:Win32/Delf!A virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify TrojanSpy:Win32/Delf!A?


File Info:

name: 3B0F32162A8350BDE88A.mlw
path: /opt/CAPEv2/storage/binaries/eed9b46732308e1478bca339642128a806d03a9af8e954e579460c619a4b1480
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

TrojanSpy:Win32/Delf!A also known as:

Lionic: Trojan.Win32.Agent.mvHh
DrWeb: BackDoor.Beizhu.2652
MicroWorld-eScan: Trojan.Crypt.Delf.AL
FireEye: Generic.mg.3b0f32162a8350bd
Skyhigh: BehavesLike.Win32.Dropper.gh
McAfee: generic!bg.d
Malwarebytes: Ceckno.Backdoor.RAT.DDS
Zillya: Backdoor.Ceckno.Win32.1278
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Backdoor:Win32/Hupigon.8e56d026
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
VirIT: Backdoor.Win32.Generic.OZX
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Delf.NJJ
APEX: Malicious
ClamAV: Win.Trojan.Delf-33878
Kaspersky: Backdoor.Win32.Hupigon.cmpe
BitDefender: Trojan.Crypt.Delf.AL
NANO-Antivirus: Trojan.Win32.Ceckno.zaqe
Avast: Win32:Ceckno [Trj]
Tencent: Malware.Win32.Gencirc.10b6ca3c
Emsisoft: Trojan.Crypt.Delf.AL (B)
F-Secure: Backdoor.BDS/Hupigon.Gen
VIPRE: Trojan.Crypt.Delf.AL
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=100)
Jiangmin: Backdoor/Huigezi.2007.baeo
Google: Detected
Avira: BDS/Hupigon.Gen
Varist: W32/Hupigon.C.gen!Eldorado
Antiy-AVL: Trojan[Backdoor]/Win32.Hupigon
Kingsoft: malware.kb.a.1000
Microsoft: TrojanSpy:Win32/Delf.gen!A
Xcitium: Backdoor.Win32.Ceckno.~TC@je5o
Arcabit: Trojan.Crypt.Delf.AL
ViRobot: Backdoor.Win32.Ceckno.504700
ZoneAlarm: Backdoor.Win32.Hupigon.cmpe
GData: Win32.Trojan.PSE.14IIXYG
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Hupigon.R15595
VBA32: TScope.Trojan.Delf
ALYac: Trojan.Crypt.Delf.AL
TACHYON: Backdoor/W32.DP-Hupigon.486912
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Backdoor.Win32.Mnless.ama (CLASSIC)
Yandex: Trojan.GenAsa!xNqLq+Z4Qeo
Ikarus: Backdoor.Win32.Hupigon
MaxSecure: Trojan.Malware.132016.susgen
Fortinet: W32/Delf.OCF!tr
AVG: Win32:Ceckno [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Worm:Win/Delf.NJJ

How to remove TrojanSpy:Win32/Delf!A?

TrojanSpy:Win32/Delf!A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
