Trojan:Win32/Phonzy.B!ml removal

Trojan:Win32/Phonzy.B!ml is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Phonzy.B!ml virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the EnigmaStub malware family
  • Anomalous binary characteristics

How to identify Trojan:Win32/Phonzy.B!ml?


File Info:

name: 1BD34C8AD2C857A2D5DC.mlw
path: /opt/CAPEv2/storage/binaries/dca87641f9c0213212c37f3a33651ba74e73009bb04f856882634ff8ea90bd75
crc32: 2DE18CBC
md5: 1bd34c8ad2c857a2d5dc82adf3d48e61
sha1: f16ec0d77c15e665169fd9ff552682c178b86f2f
sha256: dca87641f9c0213212c37f3a33651ba74e73009bb04f856882634ff8ea90bd75
sha512: ccbe7b32196b05c7c4e23233d4760ade2456479c265acb130fcd63329010e064d075265315441d8cfa887c46bd6ed416a43655bee605407f98d8cb5d5077d728
ssdeep: 49152:m8ucHDuxarBy1vG6x/LXTjIf3K4SBV3R191FcHLmCELbZWgNHwX:m8ucH9y1O61TIS4SBt92iNhNQX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14116CF38A503C13BC53907748C6B97BC62FC7A08293E7787B3D89A5EAD73344669435A
sha3_384: 60ef841de2744fb14fbffcc4df25db7058cd2d6081345ba05c3c098ce9302f6a072d5cf05985152908f24c6c6e4f7add
ep_bytes: 2c8c20e44ab8b06fd665eddb7e48ab58
timestamp: 2024-01-04 16:01:48

Version Info:

0: [No Data]

Trojan:Win32/Phonzy.B!ml also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (moderate confidence)
Skyhigh: BehavesLike.Win32.Generic.rh
Malwarebytes: Trojan.Amadey
Sangfor: Suspicious.Win32.Save.ins
Cybereason: malicious.77c15e
Symantec: ML.Attribute.HighConfidence
Cynet: Malicious (score: 100)
ClamAV: Win.Trojan.Generic-9846514-0
Kaspersky: VHO:Trojan-Downloader.Win32.Convagent.gen
Avast: Win32:PWSX-gen [Trj]
Rising: Trojan.Generic@AI.100 (RDML:JsJ6mez1UNBdSpsnpMSvxA)
Sophos: Generic ML PUA (PUA)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
SentinelOne: Static AI – Malicious PE
Avira: TR/Crypt.XPACK.Gen
Microsoft: Trojan:Win32/Phonzy.B!ml
ZoneAlarm: VHO:Trojan-Downloader.Win32.Convagent.gen
GData: Win32.Trojan.Agent.X5L8BQ
Google: Detected
BitDefenderTheta: Gen:NN.ZexaF.36680.@JZ@aCxWX!c
Cylance: unsafe
Zoner: Probably Heur.ExeHeaderL
TrendMicro-HouseCall: TROJ_GEN.R03BH07AK24
Ikarus: Trojan.Win32.Refroso
Fortinet: W32/PossibleThreat
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/Phonzy.B!ml?

Trojan:Win32/Phonzy.B!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
