Trojan:Win32/Phonzy.A!ml removal instruction

The Trojan:Win32/Phonzy.A!ml is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Phonzy.A!ml virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Trojan:Win32/Phonzy.A!ml?


File Info:
name: 8855263AA783DD3C161E.mlw
path: /opt/CAPEv2/storage/binaries/534c999f1afcff6bb2b5ab32fc61769de5c106a21eccf3a81dd9477a603a5d4d
crc32: 56301920
md5: 8855263aa783dd3c161e0f9eed2c1875
sha1: 55e37f43ab83fa4a3a81b8d8a5d3d6e67f093fd4
sha256: 534c999f1afcff6bb2b5ab32fc61769de5c106a21eccf3a81dd9477a603a5d4d
sha512: 2e74e42e2743cb0ddc78a8d451315190092b3a785214582e6d0061cdd991e0f46f8b0cf78fa37e25cbf1cc8c72b4b3ea3998bfe3568640936d7c668577a0084c
ssdeep: 12288:gAr1pRE1bJay6OXZ6/gew5JBW2YItxdn:gAr67ayHc0Htx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T115C4AE25B9C280F2D863243201F5E7765E787931CA368DCBFBC46C78DA35690976932E
sha3_384: 935211789eb4ee2a2c728c75dc931babe4ce67a1ff003f8502789cc968703bfcacc5bad118dde91ac6966acbb3a13c74
ep_bytes: 0581c300f3ffffd1ebc745f04cd6d6b6
timestamp: 2023-11-11 16:23:31

Version Info:
0: [No Data]

Trojan:Win32/Phonzy.A!ml also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Fragtor.323375
FireEye	Generic.mg.8855263aa783dd3c
Skyhigh	BehavesLike.Win32.Generic.hh
McAfee	Artemis!8855263AA783
Malwarebytes	Malware.AI.3618966881
Zillya	Trojan.Lumma.Win32.50
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
Arcabit	Trojan.Fragtor.D4EF2F
BitDefenderTheta	AI:Packer.C0E7D9DF1E
Symantec	ML.Attribute.HighConfidence
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	Trojan-PSW.Win32.Lumma.gb
BitDefender	Gen:Variant.Fragtor.323375
NANO-Antivirus	Trojan.Win32.Lumma.kdufmi
Avast	Win32:SpywareX-gen [Trj]
Tencent	Malware.Win32.Gencirc.10bf5ff5
Emsisoft	Gen:Variant.Fragtor.323375 (B)
VIPRE	Gen:Variant.Fragtor.323375
Trapmine	malicious.moderate.ml.score
Antiy-AVL	Trojan[PSW]/Win32.Lumma
Microsoft	Trojan:Win32/Phonzy.A!ml
ZoneAlarm	Trojan-PSW.Win32.Lumma.gb
GData	Gen:Variant.Fragtor.323375
ALYac	Gen:Variant.Fragtor.323375
MAX	malware (ai score=85)
Cylance	unsafe
Rising	Stealer.Lumma!8.177F6 (TFE:2:xGGLapdsTsV)
MaxSecure	Trojan.Malware.220493648.susgen
Fortinet	W32/Agent.PRG!dam
AVG	Win32:SpywareX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Phonzy.A!ml?

Trojan:Win32/Phonzy.A!ml removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X