Trojan:Win32/Danglo!gmb information

Trojan:Win32/Danglo!gmb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Danglo!gmb virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Checks adapter addresses which can be used to detect virtual network interfaces
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Trojan:Win32/Danglo!gmb?


File Info:

name: 4C27046C97E06E13B2F4.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-03-13 19:14:57

Version Info:

Translation: 0x0000 0x04b0
Comments: avast! Antivirus
CompanyName: AVAST Software
FileDescription: avast! Antivirus
FileVersion: 9.0.2008.177
InternalName: afwServ.exe
LegalCopyright: Copyright (c) 2013 AVAST Software
LegalTrademarks: AVAST Software
OriginalFilename: afwServ.exe
ProductName: avast! Antivirus
ProductVersion: 9.0.2008.177
Assembly Version: 9.0.2008.177

Trojan:Win32/Danglo!gmb also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader11.11252
MicroWorld-eScan: Gen:Variant.MSILPerseus.222850
FireEye: Generic.mg.4c27046c97e06e13
McAfee: Artemis!4C27046C97E0
Cylance: Unsafe
VIPRE: Gen:Variant.MSILPerseus.222850
Sangfor: Trojan.Win32.Save.a
Alibaba: Trojan:MSIL/Generic.afde3c02
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZemsilF.34582.bm0@aqWL9kb
Symantec: Downloader
ESET-NOD32: a variant of MSIL/Agent.GB
TrendMicro-HouseCall: TROJ_SPNR.0BF514
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.MSILPerseus.222850
NANO-Antivirus: Trojan.Win32.Agent.czrygn
Avast: Win32:Dropper-gen [Drp]
Rising: Backdoor.Bladabindi!8.B1F (CLOUD)
Ad-Aware: Gen:Variant.MSILPerseus.222850
Sophos: Mal/Generic-S
Comodo: Malware@#3tf95e6lvakl5
Zillya: Dropper.Agent.Win32.153486
TrendMicro: TROJ_SPNR.0BF514
McAfee-GW-Edition: Artemis!Trojan
SentinelOne: Static AI – Malicious PE
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Variant.MSILPerseus.222850 (B)
Ikarus: Worm.MSIL.Agent
GData: Gen:Variant.MSILPerseus.222850
Webroot: W32.Dropper.Gen
Avira: HEUR/AGEN.1235642
Antiy-AVL: Trojan/Generic.ASMalwS.6
Kingsoft: Win32.Troj.Agent.ki.(kcloud)
Microsoft: Trojan:Win32/Danglo!gmb
Cynet: Malicious (score: 99)
ALYac: Gen:Variant.MSILPerseus.222850
VBA32: TrojanDropper.Agent
Malwarebytes: Malware.AI.3602306023
APEX: Malicious
Tencent: Win32.Trojan.Generic.Pdcp
Yandex: Trojan.DR.Agent!Z4osxsXLRpA
MAX: malware (ai score=87)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.PP!tr.dldr
AVG: Win32:Dropper-gen [Drp]
Cybereason: malicious.c97e06
Panda: Generic Malware

How to remove Trojan:Win32/Danglo!gmb?

Trojan:Win32/Danglo!gmb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
