Trojan:Win32/Antavmu!pz (file analysis)

The Trojan:Win32/Antavmu!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Antavmu!pz virus can do?

Uses Windows utilities for basic functionality
Reads data out of its own binary image
Drops a binary and executes it
Authenticode signature is invalid

How to determine Trojan:Win32/Antavmu!pz?


File Info:
name: 57877E2437C7F647BCDA.mlw
path: /opt/CAPEv2/storage/binaries/744f8fc1e31847d691496d6c8e1c3249579043f892408d300b88c8b8c9c05b0e
crc32: 2C0F4729
md5: 57877e2437c7f647bcda8af803d2b4c7
sha1: f6b4a0f2129b62fd7717cabd74c86ebc8953fa51
sha256: 744f8fc1e31847d691496d6c8e1c3249579043f892408d300b88c8b8c9c05b0e
sha512: c9135ad5c0f973d5d073c6bd2232c5691a2aa4f72e67063ef8c355d714ab1903fb329c9017813a54943ac086d32d8cb2b4c976ffef59e006cd9575d33afa63aa
ssdeep: 1536:sMp+MGWez2yTFAWHwabD5P9n55OoMGMGHX:sMAMGWpyXwaXnDOs
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T182438F13B890C035F44088F45D7D4EB3EE3FEE600656926B9391E5A5CEF15A0FA0A36B
sha3_384: eec0c8b73594677add4519bdda00a0c0eec1eca600c07ddd8359585053b3049801fe8a491868825288902dfb4d336eeb
ep_bytes: eb1066623a432b2b484f4f4b90e928b1
timestamp: 2010-11-03 14:11:29

Version Info:
0: [No Data]

Trojan:Win32/Antavmu!pz also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Antavmu.lZ2a
DrWeb	Trojan.MulDrop2.40169
MicroWorld-eScan	Gen:Trojan.FileInfector.dGW@a4t5tzk
Skyhigh	Dropper-FAH!57877E2437C7
McAfee	Dropper-FAH!57877E2437C7
Malwarebytes	Generic.Malware.AI.DDS
Zillya	Trojan.Genome.Win32.208128
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/Antavmu.f5d95e9d
K7GW	Trojan ( 001f4e2b1 )
K7AntiVirus	Trojan ( 001f4e2b1 )
BitDefenderTheta	AI:Packer.AB54A0AF1E
VirIT	Trojan.Win32.MulDrop2.CHKZ
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Agent_AGen.ARJ
TrendMicro-HouseCall	TROJ_GENOME_00000aa.TOMA
Paloalto	generic.ml
Kaspersky	Trojan.Win32.Bingoml.aifr
BitDefender	Gen:Trojan.FileInfector.dGW@a4t5tzk
NANO-Antivirus	Trojan.Win32.TrjGen.oojgv
Avast	Win32:TrojanX-gen [Trj]
Tencent	Win32.Trojan.Bingoml.Mqil
Emsisoft	Gen:Trojan.FileInfector.dGW@a4t5tzk (B)
F-Secure	Malware.W32/Ildirim
VIPRE	Gen:Trojan.FileInfector.dGW@a4t5tzk
FireEye	Gen:Trojan.FileInfector.dGW@a4t5tzk
Sophos	Troj/Antavmu-B
MAX	malware (ai score=100)
Jiangmin	Trojan/Genome.bjiy
Webroot	W32.Trojan.Gen
Google	Detected
Avira	W32/Ildirim
Varist	W32/Ildirim.A.gen!Eldorado
Antiy-AVL	Trojan/Win32.Genome
Kingsoft	malware.kb.a.881
Microsoft	Trojan:Win32/Antavmu!pz
Xcitium	Worm.Win32.Ildirim.K@54rvnk
Arcabit	Trojan.FileInfector.E66DE7
ZoneAlarm	Trojan.Win32.Bingoml.aifr
GData	Gen:Trojan.FileInfector.dGW@a4t5tzk
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win32.Antavmu.R25058
VBA32	Trojan.Genome.ac
ALYac	Gen:Trojan.FileInfector.dGW@a4t5tzk
TACHYON	Worm/W32.FileInfector.58880.B
Cylance	unsafe
Panda	Trj/CI.A
Rising	Trojan.Antavmu!8.2A5 (TFE:5:naZFA6oKvKG)
Yandex	Trojan.GenAsa!LNq9xkeYFQw
Ikarus	Trojan.Win32.Genome
MaxSecure	Trojan.Malware.7164915.susgen
Fortinet	W32/Genome.AC!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Trojan:Win/Killfiles

How to remove Trojan:Win32/Antavmu!pz?

Trojan:Win32/Antavmu!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X