What is “Trojan:Win32/Ymacco.ABB3”?

The Trojan:Win32/Ymacco.ABB3 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Ymacco.ABB3 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Trojan:Win32/Ymacco.ABB3?


File Info:
name: 37D6755323B58A38D265.mlw
path: /opt/CAPEv2/storage/binaries/b3f8cf2d60003da2fffecfdbd2e7b6acd5724b9a770a5d4afbb6ba3d37740fb2
crc32: BAF67F93
md5: 37d6755323b58a38d2654264dbc6dc99
sha1: eac54d3fb761e1486539671bff90b4750e016ed8
sha256: b3f8cf2d60003da2fffecfdbd2e7b6acd5724b9a770a5d4afbb6ba3d37740fb2
sha512: fe7ed3d289ebe1c6445f21df9269bbe37267c340cf848f8606528267e806426dd12bad5650e1a6dd18576b365e1a38a10be67505afd6655e242185a7ddc507a1
ssdeep: 24576:M45B4KXSUeYkYrr87V6oNPiNmISjIj/l3juQ55313N:M4D4KrlMjIj/l3F
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T121A5FA036A8B0E75DDD23BB461CB533AA734FE30CA2A9B7FB609C53559532C46C1A742
sha3_384: 8183404855d92e016e38624399758efb85fd6d79d0f6a0a04cd1975697d6a4470b962995c3ebd182016fce531e49b231
ep_bytes: 83ec0cc70598744e0000000000e8dec3
timestamp: 2021-12-09 03:27:23

Version Info:
0: [No Data]

Trojan:Win32/Ymacco.ABB3 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Zapchast.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.81116
FireEye	Trojan.GenericKDZ.81116
CAT-QuickHeal	Trojan.SabsikIH.S21959152
McAfee	GenericRXQY-JE!37D6755323B5
Cylance	Unsafe
K7AntiVirus	Trojan ( 00588c0e1 )
Alibaba	Trojan:Win32/Zapchast.83f2ad85
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Agent_AGen.BC
Avast	Win32:TrojanX-gen [Trj]
ClamAV	Win.Malware.Generickdz-9888427-0
Kaspersky	HEUR:Trojan.Win32.Zapchast.gen
BitDefender	Trojan.GenericKDZ.81116
Tencent	Malware.Win32.Gencirc.11db5c7d
Ad-Aware	Trojan.GenericKDZ.81116
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R02DC0PLB21
McAfee-GW-Edition	GenericRXQY-JE!37D6755323B5
Emsisoft	Trojan.GenericKDZ.81116 (B)
Jiangmin	Trojan.Zapchast.abh
MaxSecure	Trojan.Malware.300983.susgen
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Ymacco.ABB3
ViRobot	Trojan.Win32.Z.Zapchast.2253253.AA
GData	Win32.Trojan.PSE.11GYR71
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Muldrop.R436343
VBA32	Trojan.Zapchast
ALYac	Trojan.GenericKDZ.81116
MAX	malware (ai score=83)
Malwarebytes	Trojan.Downloader
TrendMicro-HouseCall	TROJ_GEN.R02DC0PLB21
Rising	Trojan.Starter!1.D93D (CLASSIC)
Fortinet	W32/Agent.ADMG!tr
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/GdSda.A

How to remove Trojan:Win32/Ymacco.ABB3?

Trojan:Win32/Ymacco.ABB3 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X