Trojan:Win32/Anomaly!D removal

Trojan:Win32/Anomaly!D is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Anomaly!D virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan:Win32/Anomaly!D?


File Info:

name: 59BE7D006881C7AB34EF.mlw
path: /opt/CAPEv2/storage/binaries/cea4ba499d2a46c16b67fc2c97673678d59ee2ed072d4bc13d90201a80eb9422
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-08-17 12:49:06

Version Info:

CompanyName: reaConverter LLC
FileVersion: 7.1.0.0
ProductName: reaConverter
ProductVersion: 7.0.0.0
Translation: 0x0409 0x04e4

Trojan:Win32/Anomaly!D also known as:

McAfee: Artemis!59BE7D006881
APEX: Malicious
McAfee-GW-Edition: BehavesLike.Win32.BadFile.wc
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Trojan.GenKD
Antiy-AVL: Trojan/Win32.Anomaly
Microsoft: Trojan:Win32/Anomaly.gen!D
Cylance: unsafe
Panda: Trj/GdSda.A
Rising: Trojan.Anomaly!8.B69 (CLOUD)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/Anomaly!D?

Trojan:Win32/Anomaly!D removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
