Trojan:Win32/Phonzy.B!ml removal tips

Trojan:Win32/Phonzy.B!ml is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Phonzy.B!ml virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan:Win32/Phonzy.B!ml?

File Info:

name: F5B1BB3B2B61F24351F6.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-04-29 18:27:40

Version Info:

0: [No Data]

Trojan:Win32/Phonzy.B!ml also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Skyhigh: BehavesLike.Win32.Generic.ch
Sangfor: Suspicious.Win32.Save.a
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ClamAV: Win.Malware.Shodi-10014025-0
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
Avast: Win64:Evo-gen [Trj]
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
Antiy-AVL: Virus/Win64.Shohdi.a
Microsoft: Trojan:Win32/Phonzy.B!ml
Google: Detected
Acronis: suspicious
McAfee: GenericRXTK-BY!F5B1BB3B2B61
Malwarebytes: Malware.AI.1838386179
Rising: Trojan.Generic@AI.100 (RDML:3u6B0xUB5ttjstqKJRKYKA)
Ikarus: Trojan.Crypt
Fortinet: W32/Shohdi.6145!tr
AVG: Win64:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Trojan:Win32/Phonzy.B!ml?

Trojan:Win32/Phonzy.B!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
