
Trojan:Win32/ClipBanker.MA!MTB removal


Trojan:Win32/ClipBanker.MA!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/ClipBanker.MA!MTB virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify Trojan:Win32/ClipBanker.MA!MTB?


File Info:

name: AA402D82969674F670C6.mlw
path: /opt/CAPEv2/storage/binaries/0e95a478fa8e5d837aefb08d57760c5154273777804ba1fc9cefc06f6c746b03
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-04-17 00:10:00

Version Info:

Translation: 0x0409 0x04b0
CompanyName: Microsoft Windows
ProductName: Runtime Explorer
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Runtime Explorer
OriginalFilename: Runtime Explorer.exe

Trojan:Win32/ClipBanker.MA!MTB also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.765964
ALYac: Gen:Variant.Bulz.765964
Cylance: Unsafe
K7AntiVirus: Trojan ( 00588d7f1 )
BitDefender: Gen:Variant.Bulz.765964
K7GW: Trojan ( 00588d7f1 )
Cyren: W32/CoinMiner.FJ.gen!Eldorado
ESET-NOD32: a variant of Win32/ClipBanker.MA
APEX: Malicious
ClamAV: Win.Keylogger.Clipbanker-9849694-0
Kaspersky: Trojan-Banker.Win32.ClipBanker.ssy
Ad-Aware: Gen:Variant.Bulz.765964
Emsisoft: Gen:Variant.Bulz.765964 (B)
FireEye: Generic.mg.aa402d82969674f6
Avira: HEUR/AGEN.1239313
Microsoft: Trojan:Win32/ClipBanker.MA!MTB
GData: Gen:Variant.Bulz.765964
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.ClipBanker.R416431
MAX: malware (ai score=88)
Malwarebytes: Trojan.Banker
Rising: Trojan.ClipBanker!8.5FB (TFE:dGZlOgXU3VX1AvvZTw)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZevbaF.34606.jm0@aGsKHThi
AVG: FileRepMalware [Misc]
Avast: FileRepMalware [Misc]

How to remove Trojan:Win32/ClipBanker.MA!MTB?

Trojan:Win32/ClipBanker.MA!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
