
Trojan:Win32/Zenpak.ASAB!MTB information


Trojan:Win32/Zenpak.ASAB!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Zenpak.ASAB!MTB virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan:Win32/Zenpak.ASAB!MTB?


File Info:

name: 26DC32D5987A72C5C955.mlw
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 2004-08-04 11:10:18

Version Info:

CompanyName: Microsoft Corporation
FileDescription: cuassistant
FileVersion: 10.0.17134.10074 (WinBuild.160101.0800)
InternalName: cuassistant
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: cuassistant
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.10074
Translation: 0x0409 0x04b0

Trojan:Win32/Zenpak.ASAB!MTB also known as:

Lionic: Trojan.Win32.Fero.a!c
AVG: Win32:DropperX-gen [Drp]
MicroWorld-eScan: Gen:Variant.Lazy.488655
FireEye: Generic.mg.26dc32d5987a72c5
CAT-QuickHeal: Trojandownloader.Fero
Skyhigh: BehavesLike.Win32.Generic.tc
McAfee: GenericRXAA-FA!26DC32D5987A
Cylance: unsafe
Zillya: Downloader.Fero.Win32.868
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Kryptik.b125ab4a
K7GW: Trojan ( 005b25231 )
K7AntiVirus: Trojan ( 005b25231 )
Symantec: Packed.Generic.553
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HWLQ
Cynet: Malicious (score: 100)
Avast: Win32:DropperX-gen [Drp]
Kaspersky: Trojan-Downloader.Win32.Fero.nxo
BitDefender: Gen:Variant.Lazy.488655
Tencent: Malware.Win32.Gencirc.11bd038d
Emsisoft: Gen:Variant.Lazy.488655 (B)
F-Secure: Trojan.TR/AD.Fauppod.ncslg
VIPRE: Gen:Variant.Lazy.488655
TrendMicro: TROJ_GEN.R002C0WBT24
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Crypt
Varist: W32/Fero.U.gen!Eldorado
Avira: TR/AD.Fauppod.ncslg
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.Kryptik
Kingsoft: malware.kb.a.997
Microsoft: Trojan:Win32/Zenpak.ASAB!MTB
Arcabit: Trojan.Lazy.D774CF
ZoneAlarm: Trojan-Downloader.Win32.Fero.nxo
GData: Win32.Trojan.PSE.DQXINM
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R637489
BitDefenderTheta: Gen:NN.ZedlaF.36802.4D8@a03g@Npi
ALYac: Gen:Variant.Lazy.488655
VBA32: suspected of AScope.Trojan.TDSL
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0WBT24
Rising: Downloader.Fero!8.18DAE (TFE:2:RVRJbHT5ZEV)
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Kryptik.HVWI!tr
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/Zenpak.ASAB!MTB?

Trojan:Win32/Zenpak.ASAB!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
