About “Trojan:Win32/Phonzy.B!ml” infection

Trojan:Win32/Phonzy.B!ml is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/Phonzy.B!ml virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan:Win32/Phonzy.B!ml?

File Info:

name: 613339FF434B70C25356.mlw
path: /opt/CAPEv2/storage/binaries/cef62efc943a1041310418061a437325e54d44266c6f88b7989def6d651b1ceb
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes:
timestamp: 2014-04-29 18:27:40

Version Info:

0: [No Data]

Trojan:Win32/Phonzy.B!ml is also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
ClamAV: Win.Malware.Shodi-10014025-0
Skyhigh: BehavesLike.Win32.Generic.cm
McAfee: GenericRXTK-BY!613339FF434B
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.a
Avast: Win64:Evo-gen [Trj]
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
Google: Detected
Antiy-AVL: Virus/Win64.Shohdi.a
Xcitium: Heur.Corrupt.PE@1z141z3
Microsoft: Trojan:Win32/Phonzy.B!ml
Varist: W32/S-5a8d2096!Eldorado
TrendMicro-HouseCall: TROJ_GEN.R03BH06B624
Rising: Trojan.Generic@AI.100 (RDML:+GEc/b5g25TEZpaj5+7g8g)
Ikarus: Trojan.Crypt
Fortinet: W32/Shohdi.6145!tr
AVG: Win64:Evo-gen [Trj]

How to remove Trojan:Win32/Phonzy.B!ml?

Trojan:Win32/Phonzy.B!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
