Trojan:Win32/Phonzy.B!ml removal

Malware Removal

Trojan:Win32/Phonzy.B!ml is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Phonzy.B!ml virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan:Win32/Phonzy.B!ml?

File Info:

name: 25B3BC53B40A1D18B1DE.mlw
path: /opt/CAPEv2/storage/binaries/90a354154da4e96e41250f9973b479ece8af9ea815363e2a3714a7b019312354
crc32: 83ADCE13
md5: 25b3bc53b40a1d18b1de217036c04372
sha1: fa5299bece9caa9bb059a6e70c39d95079d06517
sha256: 90a354154da4e96e41250f9973b479ece8af9ea815363e2a3714a7b019312354
sha512: 51dc814e5e0823e429fe958e6575e3b59c9f74ab2bde202470cf9b5c781fba2c500cec15269023149b765a448057e72bcce54e50b076f2f44a2554f1fc479d8a
ssdeep: 196608:Xb3bPk5HyC8k5h/wDdEoNiV4I/WWwA7mdep5a/g7OUVV3:Xb3bPk5HPhJCdemoz3
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T13A867C11E2C344F1DEA3857092A7F3AF9735FC418120DDAAF5987A45EF33681692E329
sha3_384: e820c4abb6416c628e8365300cba0f729e1ad59f579cd293d569dbd45bc579917cc0072df0092b0bb514783f9a598227
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-03-26 20:05:48

Version Info:

CompanyName: Microsoft Corporation
FileDescription: AddInUtil.exe
FileVersion: 4.7.3062.0 built by: NET472REL1
InternalName: AddInUtil.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: AddInUtil.exe
ProductName: Microsoft® .NET Framework
ProductVersion: 4.7.3062.0
Comments: Flavor=Retail
PrivateBuild: DDBLD404
Translation: 0x0409 0x04b0

Note that the version resource claims the file is Microsoft's AddInUtil.exe from the .NET Framework, but the sample's Authenticode signature is reported above as invalid, so this metadata cannot be taken as evidence of legitimate origin.

Trojan:Win32/Phonzy.B!ml is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Generic.4!c
Skyhigh: BehavesLike.Win32.Generic.wh
Cylance: unsafe
Sangfor: Trojan.Win32.SilverFox.sclgd
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Tencent: Malware.Win32.Gencirc.10bbe6c8
F-Secure: Heuristic.HEUR/AGEN.1306700
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan-Dropper.MSIL.Agent
Google: Detected
Avira: HEUR/AGEN.1306700
Gridinsoft: Trojan.Win32.Agent.sa
Microsoft: Trojan:Win32/Phonzy.B!ml
GData: MSIL.Trojan.PSE.1B6Q5LR
McAfee: Artemis!25B3BC53B40A
Malwarebytes: Trojan.Dropper.Generic
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: MSIL/Olext.A!tr
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Phonzy.B!ml?

Trojan:Win32/Phonzy.B!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.