About “Trojan:Win32/Cobaltstrike!ml” infection

The Trojan:Win32/Cobaltstrike!ml is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Cobaltstrike!ml virus can do?

Anomalous binary characteristics

How to determine Trojan:Win32/Cobaltstrike!ml?


File Info:
crc32: D3136927
md5: 329a67cec8e2ff4fc35717502bfb4afd
name: 329A67CEC8E2FF4FC35717502BFB4AFD.mlw
sha1: ecfabb8b33732336fcb57bbe0b160e4961c75715
sha256: 210f032fe0af6d25bf6b74ce5393fdd3b90a741ca8ab716866765371dfe05327
sha512: adc02ed5f7e47c8117b223b282ab54d19579f709c5e179eb86f25f421401232cbfc6512985847024875425447796db5e285c1dadfe1b7c1344a943e4501d1f2e
ssdeep: 6144:uOre8kPd0EQClTs4/q3C1BIAFzm50xJKjzQEXP:uWIPd0ENFsEq3C1BHFq5CKPQo
type: PE32+ executable (DLL) (GUI) x86-64 system file, for MS Windows

Version Info:
0: [No Data]

Trojan:Win32/Cobaltstrike!ml also known as:

Elastic	malicious (high confidence)
McAfee	Artemis!329A67CEC8E2
Cylance	Unsafe
Zillya	Tool.CobaltStrike.Win64.661
CrowdStrike	win/malicious_confidence_80% (W)
BitDefender	Trojan.Agent.FAKA
Cyren	W64/Cobaltstrike.A.gen!Eldorado
ESET-NOD32	a variant of Win64/Riskware.CobaltStrike.Beacon.G
Cynet	Malicious (score: 100)
MicroWorld-eScan	Trojan.Agent.FAKA
Ad-Aware	Trojan.Agent.FAKA
Sophos	ML/PE-A
McAfee-GW-Edition	BehavesLike.Win64.Infected.dh
FireEye	Generic.mg.329a67cec8e2ff4f
Emsisoft	Trojan.Agent.FAKA (B)
Microsoft	Trojan:Win32/Cobaltstrike!ml
Gridinsoft	Trojan.Heur!.0200A282
GData	Trojan.Agent.FAKA
AhnLab-V3	Malware/Win32.Inject.R372069
MAX	malware (ai score=80)
Malwarebytes	Malware.AI.4132154357
Rising	Backdoor.CobaltStrike!1.D418 (CLASSIC)
Ikarus	Trojan.Agent
Fortinet	Riskware/CobaltStrike

How to remove Trojan:Win32/Cobaltstrike!ml?

Trojan:Win32/Cobaltstrike!ml removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X