How to remove “Trojan:Win32/CredentialAccess!rfn”?


Trojan:Win32/CredentialAccess!rfn is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/CredentialAccess!rfn virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Trojan:Win32/CredentialAccess!rfn?


File Info:

crc32: 22FD5EA6
md5: 2054355d97b5fe71b66f9fbb91595f58
name: gamelauncher.exe
sha1: 839f64d5a6dcdf6818c74c0153aa8bc8c0c61f0e
sha256: 70613793eb1b506c2039d6947de654fafd7e952c520e2bfe6fca326efd199a8b
sha512: b5a83f2833a7822963603114227bc68e78e5aee55b47b15a4b584e62bb3e4e24f89bdd30d2a6b299997b029a054035f9ea4450f144b15506bb0e4e9e42a4633b
ssdeep: 49152:MnFAoesAfG3SfgJfFjYPR44RkHne7Y9KYOqdFMfvzKJydUnQ:MnFpfWW4RkHne7FYqyMUQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2019
InternalName: Warface BlackSun.exe
FileVersion: 5, 4, 2, 0
CompanyName: BlackSun
ProductName: BlackSun
ProductVersion: 5, 4, 2, 0
FileDescription: BlackSun
OriginalFilename: BlackSun.exe
Translation: 0x0419 0x04b0

Trojan:Win32/CredentialAccess!rfn also known as:

Bkav: W32.AIDetectVM.malware2
MicroWorld-eScan: Trojan.GenericKD.41952687
McAfee: GenericRXIZ-FC!2054355D97B5
Cylance: Unsafe
VIPRE: LooksLike.Win32.Uruasy.b!ag (v)
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
BitDefender: Trojan.GenericKD.41952687
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_60% (W)
APEX: Malicious
Paloalto: generic.ml
GData: Trojan.GenericKD.41952687
Kaspersky: UDS:DangerousObject.Multi.Generic
Alibaba: AdWare:Application/Amonetize.6a00ae33
AegisLab: Trojan.Multi.Generic.4!c
Rising: Trojan.Bomitag!8.11227 (CLOUD)
Endgame: malicious (high confidence)
Emsisoft: Trojan.GenericKD.41952687 (B)
F-Secure: Adware.ADWARE/Amonetize.Gen7
DrWeb: Trojan.Inject3.16817
Invincea: heuristic
McAfee-GW-Edition: GenericRXIZ-FC!2054355D97B5
MaxSecure: Trojan.Malware.1728101.susgen
FireEye: Generic.mg.2054355d97b5fe71
Sophos: Generic PUA ID (PUA)
Cyren: W32/Trojan.IUCG-4899
Webroot: W32.Trojan.Gen
Avira: ADWARE/Amonetize.Gen7
Microsoft: Trojan:Win32/CredentialAccess!rfn
Arcabit: Trojan.Generic.D28025AF
ZoneAlarm: UDS:DangerousObject.Multi.Generic
AhnLab-V3: PUP/Win32.RL_Generic.R299002
VBA32: BScope.Adware.Presenoker
ALYac: Trojan.GenericKD.41952687
MAX: malware (ai score=89)
Ad-Aware: Trojan.GenericKD.41952687
ESET-NOD32: a variant of Generik.CUMFTLJ
Tencent: Net.Risk.Adware.Hnuq
Yandex: PUA.Amonetize!
eGambit: Unsafe.AI_Score_92%
Fortinet: W32/Generic_PUA_ID.FC!tr
BitDefenderTheta: AI:Packer.268787B020
AVG: FileRepMetagen [Malware]
Cybereason: malicious.d97b5f
Panda: Trj/GdSda.A
Qihoo-360: Generic/Virus.Adware.8c5

How to remove Trojan:Win32/CredentialAccess!rfn?

Trojan:Win32/CredentialAccess!rfn removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.
