Should I remove “Trojan:Win32/Delfsnif!I”?

Trojan:Win32/Delfsnif!I is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Delfsnif!I virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • The sample wrote data to the system hosts file.

How to identify Trojan:Win32/Delfsnif!I?


File Info:

name: 0B6C9E2E8F97BA826960.mlw
path: /opt/CAPEv2/storage/binaries/b2edd8e341cc715ae34297c29af8a997322ce69320c997c86e72bd56b8f35cb1
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Trojan:Win32/Delfsnif!I also known as:

Lionic: Trojan.Win32.Delf.tsfe
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Clicker.Delf.CU
CAT-QuickHeal: Trojan.GenericCS.S28264677
McAfee: GenericRXTI-AW!0B6C9E2E8F97
Malwarebytes: Generic.Trojan.Clicker.DDS
Zillya: Trojan.Delf.Win32.4871
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Spyware ( 000064d81 )
Alibaba: TrojanClicker:Win32/Delfsnif.1658c644
K7GW: Spyware ( 000064d81 )
Cybereason: malicious.e8f97b
VirIT: Trojan.Win32.Clicker.JE
Cyren: W32/Trojan.BQCO-1293
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanClicker.Delf.CU
APEX: Malicious
ClamAV: Html.Trojan.ClickerDelf-7
Kaspersky: Trojan-Clicker.Win32.Delf.cu
BitDefender: Trojan.Clicker.Delf.CU
NANO-Antivirus: Trojan.Win32.Libie.fpkq
Avast: Win32:Trojano-ART [Trj]
Tencent: Malware.Win32.Gencirc.10be3bf7
Emsisoft: Trojan.Clicker.Delf.CU (B)
F-Secure: Trojan.TR/Click.Delf.CU.1
DrWeb: Adware.Ravenor
VIPRE: Trojan.Clicker.Delf.CU
McAfee-GW-Edition: BehavesLike.Win32.AdwareWebsearch.vt
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.0b6c9e2e8f97ba82
Sophos: Troj/Delf-LB
SentinelOne: Static AI – Suspicious PE
GData: Win32.Trojan.PSE.1MWTA5
Jiangmin: TrojanClicker.Delf.ef
Google: Detected
Avira: TR/Click.Delf.CU.1
MAX: malware (ai score=81)
Antiy-AVL: Trojan[Clicker]/Win32.Delf
Xcitium: TrojWare.Win32.TrojanClicker.Delf.CU@2b95
Arcabit: Trojan.Clicker.Delf.CU
ViRobot: Trojan.Win32.A.Clicker.746256
ZoneAlarm: Trojan-Clicker.Win32.Delf.cu
Microsoft: Trojan:Win32/Delfsnif.gen!I
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Xema.C7957
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZelphiCO.36196.@JZ@a0kxG8oi
ALYac: Trojan.Clicker.Delf.CU
VBA32: TrojanClicker.Delf
Cylance: unsafe
Panda: Trj/Libie.F
Rising: Trojan.Clicker.Delf.rt (CLASSIC)
Yandex: Trojan.GenAsa!+sXTVjaW9B0
Ikarus: Backdoor.Win32.Hupigon
MaxSecure: Trojan.Malware.1844147.susgen
Fortinet: W32/Delf.GB!tr
AVG: Win32:Trojano-ART [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Delfsnif!I?

Trojan:Win32/Delfsnif!I removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.