
Trojan:Win32/Acll removal guide


Trojan:Win32/Acll is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Acll virus do?

  • Performs HTTP requests potentially not found in PCAP
  • Authenticode signature is invalid
  • Binary file triggered YARA rule
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan:Win32/Acll?


File Info:

name: ECACF4CBF80F4AB5AD10.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-02-14 18:14:44

Version Info:

Translation: 0x0809 0x04b0

Trojan:Win32/Acll is also known as:

Bkav: W32.Common.7E189B24
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (moderate confidence)
Skyhigh: BehavesLike.Win32.Ransomware.ch
McAfee: RDN/Generic Downloader.x
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Downloader.Win32.Agent.V0dc
Alibaba: Trojan:Win32/Generic.59954b4d
APEX: Malicious
Google: Detected
Microsoft: Trojan:Win32/Acll
Varist: W32/ABRisk.NURF-1857
VBA32: Trojan-Downloader.Autoit.gen
DeepInstinct: MALICIOUS
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R023H06BB24
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/PossibleThreat
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Trojan:Win32/Acll?

Trojan:Win32/Acll removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
