Trojan:Win32/Tilken.B!cl removal

The Trojan:Win32/Tilken.B!cl is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Tilken.B!cl virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Executable code extraction
  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Code injection with CreateRemoteThread in a remote process
  • Sniffs keystrokes
  • Installs a hook procedure to monitor for mouse events
  • Executed a process and injected code into it, probably while unpacking
  • Checks for the presence of known windows from debuggers and forensic tools
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config

How to identify Trojan:Win32/Tilken.B!cl?


File Info:

name: europe.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: © Copyright juin 2004
InternalName: L'Europe et l'UE
FileVersion: 1.1
CompanyName: Mme Filliette Karine
LegalTrademarks:
Comments: Bonne visite...
ProductName: L'Europe et l'UE
ProductVersion: 1.1
FileDescription: Animation sur l'Europe et l'UE
OriginalFilename: Europe et UE.exe
Translation: 0x0809 0x04e4

Trojan:Win32/Tilken.B!cl also known as:

NANO-Antivirus: Trojan.Win32.Inject.elssub
ViRobot: Trojan.Win32.A.Bublik.895981[UPX]
Comodo: Heur.Suspicious
DrWeb: Trojan.KeyLogger.26469
Jiangmin: Trojan/Bublik.ws
Antiy-AVL: Trojan/Win32.Bublik
Microsoft: Trojan:Win32/Tilken.B!cl
VBA32: Trojan.Pincav
Cylance: Unsafe
Fortinet: W32/Malicious_Behavior.VEX
Paloalto: generic.ml

How to remove Trojan:Win32/Tilken.B!cl?

Trojan:Win32/Tilken.B!cl removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
