
About “Trojan:Win32/Phonzy.A!ml” infection


Trojan:Win32/Phonzy.A!ml is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Phonzy.A!ml virus do?

  • The binary likely contains encrypted or compressed data.
  • The Authenticode signature is invalid.
  • The binary has anomalous characteristics.

How to identify Trojan:Win32/Phonzy.A!ml?

File Info:

name: 00A42EBAF51C0BE43784.mlw
path: /opt/CAPEv2/storage/binaries/fa31ddf23f961ad54deed44393d615697c7c6f3ef4168f68d52889171ed130f3
crc32: 8D8A6F57
md5: 00a42ebaf51c0be43784707e5c7481e1
sha1: 43f53cc5bea235ec115817f7828cc5e546689dea
sha256: fa31ddf23f961ad54deed44393d615697c7c6f3ef4168f68d52889171ed130f3
sha512: abb3e15b59e0264d9a812fb6f6d9f9bf1ce47eb40e6aa255ec542ae593ea26963d2b3cd4eb12d550cc3267515d8b1b12aea97b6f36d7247c5e28e99b0cdac128
ssdeep: 12288:+YWfGt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPh:+Yvt/sBlDqgZQd6XKtiMJYiPU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T191D41207F6C3D039F8B319B21F795415A42AFE78A749A0DBA2C6694E1DB80D26D34337
sha3_384: 3645dc440a1dc1a3d5aae5fc13eb18526be36eaa2c1eee9403c1108b618a2c8f1662877bbc99a2869c89235409e17ef3
ep_bytes: e8d3030000e937fdffffcccc68d57b40
timestamp: 2014-11-20 18:03:43

Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Acrobat Update Service
FileVersion: 1.801.10.4720
InternalName: armsvc.exe
LegalCopyright: Copyright © 2013 Adobe Systems Incorporated. All rights reserved.
OriginalFilename: armsvc.exe
ProductName: Adobe Acrobat Update Service
ProductVersion: 1.801.10.4720
Translation: 0x0409 0x04b0

Trojan:Win32/Phonzy.A!ml is also known as:

Bkav: W32.Common.C15F8ABF
Lionic: Trojan.Win32.Expiro.4!c
Cynet: Malicious (score: 100)
Skyhigh: BehavesLike.Win32.Expiro.jc
ALYac: Trojan.GenericKDZ.101723
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
ClamAV: Win.Malware.Expiro-9941636-0
BitDefender: Trojan.GenericKDZ.101723
MicroWorld-eScan: Trojan.GenericKDZ.101723
Emsisoft: Trojan.GenericKDZ.101723 (B)
VIPRE: Trojan.GenericKDZ.101723
Sophos: Mal/Generic-S
Ikarus: Virus.Win32.Expiro
GData: Trojan.GenericKDZ.101723
Varist: W32/Floxif.H.gen!Eldorado
Arcabit: Trojan.Generic.D18D5B
Microsoft: Trojan:Win32/Phonzy.A!ml
Google: Detected
McAfee: Artemis!00A42EBAF51C
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H09LE23
MaxSecure: Trojan.Malware.215575181.susgen
Fortinet: W32/PossibleThreat
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Trojan:Win32/Phonzy.A!ml?

Trojan:Win32/Phonzy.A!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
