Trojan

Should I remove “Trojan:Win32/JackServn!rfn”?

Malware Removal

The Trojan:Win32/JackServn!rfn is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan:Win32/JackServn!rfn virus can do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventionial language used in binary resources: Korean
  • Authenticode signature is invalid
  • Attempts to identify installed AV products by registry key
  • Attempts to disable UAC

How to determine Trojan:Win32/JackServn!rfn?



File Info:

name: 8D0EFBA9DD528E2A828B.mlw
path: /opt/CAPEv2/storage/binaries/2cd876691f9c6544e9814db5e94f6264df3445bb6d65e099d598b44c25471d1b
crc32: 4929F279
md5: 8d0efba9dd528e2a828b82b67471e0e9
sha1: 8990adf80fb5e7ef91dfcbf9771602613b765df4
sha256: 2cd876691f9c6544e9814db5e94f6264df3445bb6d65e099d598b44c25471d1b
sha512: 97e4d39aefd1dd2f0ece8d3b8306c7187fd041e77d29628333ecb299696e4c34854b15ffe9b8435e4fb7178e50f2f8168a19ae0bb288816a1a1045614e54af75
ssdeep: 49152:88VgfW8JPYWyu/DzOi48u+McPyRsug1NbLMWIfAazKT2qZqNS:88VgfW87DDa78u2PyKug1NfLIrzKBZq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E4A58D213680C07BC27335328A4EA77AB2EDA9705F7512C763C41E396E759D29A3871F
sha3_384: 8fafb76eee492444d47063411578df8082a1a8885dcb5802f73a56689c59c0ff696ca606c2423e14b858d351e729d19c
ep_bytes: e874cc0000e978feffff6a0c68108657
timestamp: 2018-01-19 06:54:25


Version Info:

CompanyName: TODO: 
FileDescription: TODO: 
FileVersion: 1.0.0.1
InternalName: ServiceFileLauncher.exe
LegalCopyright: TODO: (c) .  All rights reserved.
OriginalFilename: ServiceFileLauncher.exe
ProductName: TODO: 
ProductVersion: 1.0.0.1
Translation: 0x0412 0x03b5

Trojan:Win32/JackServn!rfn also known as:

LionicTrojan.Win32.KrServ.4!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Downloader.184
FireEyeGeneric.mg.8d0efba9dd528e2a
SkyhighArtemis!Trojan
McAfeeArtemis!8D0EFBA9DD52
MalwarebytesGeneric.Malware.AI.DDS
ZillyaTrojan.KrServ.Win32.42
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_70% (W)
AlibabaTrojan:Win32/KrServ.975d0ce2
K7GWTrojan ( 0051caf91 )
K7AntiVirusTrojan ( 0051caf91 )
SymantecTrojan.Gen.MBT
ESET-NOD32a variant of Win32/JackServn.D
CynetMalicious (score: 99)
KasperskyTrojan.Win32.KrServ.qc
BitDefenderGen:Variant.Downloader.184
NANO-AntivirusTrojan.Win32.KrServ.exfgib
AvastWin32:Trojan-gen
RisingTrojan.JackServn!8.2B9 (TFE:5:h8dXQoK81IL)
SophosMal/Generic-S
F-SecureTrojan.TR/JackServn.nwhir
VIPREGen:Variant.Downloader.184
TrendMicroTROJ_GEN.R002C0DK223
EmsisoftGen:Variant.Downloader.184 (B)
GDataGen:Variant.Downloader.184
JiangminTrojan.KrServ.ex
GoogleDetected
AviraTR/JackServn.nwhir
MAXmalware (ai score=99)
Antiy-AVLTrojan/Win32.AGeneric
KingsoftWin32.Trojan.KrServ.qc
XcitiumMalware@#2e8tg9i1b20zb
ArcabitTrojan.Downloader.184
ZoneAlarmTrojan.Win32.KrServ.qc
MicrosoftTrojan:Win32/JackServn!rfn
AhnLab-V3Trojan/Win32.KrServ.C2362627
VBA32Trojan.KrServ
Cylanceunsafe
PandaTrj/CI.A
TrendMicro-HouseCallTROJ_GEN.R002C0DK223
TencentMalware.Win32.Gencirc.114cab36
YandexTrojan.GenAsa!FpqlF+9z7Qw
IkarusTrojan.Win32.Jackservn
MaxSecureTrojan.Malware.115878666.susgen
FortinetW32/JackServn.O!tr
AVGWin32:Trojan-gen
DeepInstinctMALICIOUS

How to remove Trojan:Win32/JackServn!rfn?

Trojan:Win32/JackServn!rfn removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment