Trojan:Win32/Cleaman.B information

Trojan:Win32/Cleaman.B is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Trojan:Win32/Cleaman.B virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan:Win32/Cleaman.B?

File Info:

name: A02F022D86793534FA42.mlw
path: /opt/CAPEv2/storage/binaries/23fe423c0e0d22361b982875a8faf1de0194e05dcb3b9909ccef7eca00452b9e
crc32: D178355D
md5: a02f022d86793534fa4210e901bac284
sha1: ebf7584e8756d481cd9c406bf67f1df7dc260bb5
sha256: 23fe423c0e0d22361b982875a8faf1de0194e05dcb3b9909ccef7eca00452b9e
sha512: 6da4928864171e285063e2240b7246500ef8ba0d5a89318efa8ced49507da6ad151bb80fd3a695781a9436a57301ae57e8202c2a6d145e42c003c0018f802d20
ssdeep: 192:8UlQOOUwu5HNDWhpRKmpzr2PZjF8W6VWjy1im90w9bfSiumwpX3ByLY:8//GKrcOzMF8W6VWOMm90clOXR0
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T12942BF6257F94156F4EB0F3669975F3A85BEFC318B2BA67E1B4920050FB05B08526313
sha3_384: bd6d3c16a8003508eea79e4879b0b27f745537bfedf60d865d33e39e7cb80d0970cfe2c18e9755c6d30211a948b67d5e
ep_bytes: b808a200105064ff3500000000648925
timestamp: 2011-05-31 06:46:32

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Disk HLM HDD Manager for Windows
FileVersion: 6, 2, 4602, 1211
InternalName: CLEANHLM.DLL
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: CLEANHLM.DLL
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6, 2, 4602, 1211
Translation: 0x0409 0x04b0

Trojan:Win32/Cleaman.B also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Clemag.4!c
AVG: Win32:Bozeep [Spy]
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.95734
FireEye: Gen:Variant.Barys.95734
Skyhigh: BehavesLike.Win32.Rootkit.lh
McAfee: GenericRXAA-FA!A02F022D8679
Zillya: Trojan.Clemag.Win32.744
Sangfor: Trojan.Win32.Agent.V3tb
K7AntiVirus: Trojan ( 005376ae1 )
Alibaba: Trojan:Win32/Cleaman.5f76e8df
K7GW: Trojan ( 005376ae1 )
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Clemag.NAF
Cynet: Malicious (score: 99)
APEX: Malicious
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Variant.Barys.95734
NANO-Antivirus: Trojan.Win32.Bozeep.obqca
Avast: Win32:Bozeep [Spy]
Tencent: Win32.Trojan.Graftor.Ftgl
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Graftor.642356
VIPRE: Gen:Variant.Barys.95734
TrendMicro: TROJ_GEN.R002C0DB524
Emsisoft: Gen:Variant.Barys.95734 (B)
Jiangmin: Trojan/Generic.aqynd
Webroot: W32.Backdoor.Clemag.Gen
Varist: W32/Clemag.C.gen!Eldorado
Avira: TR/Graftor.642356
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Win32.Cleaman
Kingsoft: Win32.Trojan.Generic.a
Microsoft: Trojan:Win32/Cleaman.B
Xcitium: Malware@#20odi27g0zune
Arcabit: Trojan.Barys.D175F6
ZoneAlarm: UDS:Trojan.Win32.Generic
GData: Gen:Variant.Barys.95734
Google: Detected
AhnLab-V3: Backdoor/Win32.Clemag.R6223
BitDefenderTheta: Gen:NN.ZedlaF.36802.am8aaybFIGpc
ALYac: Gen:Variant.Barys.95734
VBA32: TScope.Malware-Cryptor.SB
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0DB524
Rising: Trojan.Cleaman!8.1232 (TFE:5:i4YBgUDLHGS)
Yandex: Trojan.Clemag!qP6ZAe2uSqo
Ikarus: Virus.Win32.Vundo
Fortinet: W32/Karagany.B!tr
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Clemag.NAF

How to remove Trojan:Win32/Cleaman.B?

Trojan:Win32/Cleaman.B removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.