Trojan:Win32/Ymacco.AAFB (file analysis)

Trojan:Win32/Ymacco.AAFB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Ymacco.AAFB virus do?

  • Unconventional binary language: Chinese (Simplified)

How to identify Trojan:Win32/Ymacco.AAFB?


File Info:

crc32: 5AA74021
md5: 6087f54b18ac73ada0b6aefc67761635
name: tmpbe_6kgsz
sha1: 3a4b03a4e3df50b7419e9e8bebbad1d5202d7806
sha256: fbe2820623cf933f745ee513e76ed0bf138314d3516a751d202c982758b2d217
sha512: 3bc57a87ade8b5d206a6ebf35c66d6f539ee05e8267135aee280ccb94dae9f8d1b5f649fed6799567b21fb9255ea6c12a49835a9a9ddf4697aea570a8933e2dd
ssdeep: 49152:wkoRGIrj2sNqJJT1PZXxJkjqNh85p2MEhnM5p2+ZllihM:ToRGOqJrZXxmtp6M5p2slUM
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.
InternalName: Setup
FileVersion: 2.00.0000
CompanyName: ActiveX
Internal Build Number: 94573
ProductName: ActiveX
ProductVersion: 2.00.0000
FileDescription: Setup Launcher Unicode
OriginalFilename: Setup.exe
Translation: 0x0804 0x04b0

Trojan:Win32/Ymacco.AAFB also known as:

Bkav: W32.HfsAutoB.
MicroWorld-eScan: Trojan.GenericKD.34032754
FireEye: Trojan.GenericKD.34032754
McAfee: Artemis!6087F54B18AC
BitDefender: Trojan.GenericKD.34032754
CrowdStrike: win/malicious_confidence_60% (W)
F-Prot: W32/SuspPack.FW.gen!Eldorado
APEX: Malicious
Avast: Win32:Evo-gen [Susp]
GData: Trojan.GenericKD.34032754
AegisLab: Trojan.Win32.Generic.4!c
Endgame: malicious (high confidence)
Emsisoft: Trojan.GenericKD.34032754 (B)
Cyren: W32/SuspPack.FW.gen!Eldorado
MAX: malware (ai score=86)
Microsoft: Trojan:Win32/Ymacco.AAFB
Arcabit: Trojan.Generic.D2074C72
ALYac: Trojan.GenericKD.34032754
Ad-Aware: Trojan.GenericKD.34032754
TrendMicro-HouseCall: TROJ_GEN.R002H0CFM20
SentinelOne: DFI – Suspicious PE
Fortinet: W32/GenericKD.D8F3!tr
AVG: Win32:Evo-gen [Susp]

How to remove Trojan:Win32/Ymacco.AAFB?

Trojan:Win32/Ymacco.AAFB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
