VHO:Trojan-Spy.Win32.Havex (file analysis)

VHO:Trojan-Spy.Win32.Havex is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the VHO:Trojan-Spy.Win32.Havex virus do?

  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify VHO:Trojan-Spy.Win32.Havex?


File Info:

name: 4DBC6D854FCB6FF1E974.mlw
path: /opt/CAPEv2/storage/binaries/b3c19606df6691449a688ccb6148fd3368c06700fbf30b25959c678b61ef38f0
type: PE32+ executable (console) x86-64, for MS Windows
ep_bytes: e9dbbcffffcccccccccccccccccccccc
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

VHO:Trojan-Spy.Win32.Havex also known as:

Elastic: malicious (high confidence)
ALYac: Trojan.GenericKDZ.76500
Malwarebytes: Spyware.PasswordStealer
BitDefender: Trojan.GenericKDZ.76500
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: VHO:Trojan-Spy.Win32.Havex.gen
MicroWorld-eScan: Trojan.GenericKDZ.76500
Avast: Win64:WormX-gen [Wrm]
Ad-Aware: Trojan.GenericKDZ.76500
DrWeb: Exploit.ShellCode.26
FireEye: Trojan.GenericKDZ.76500
Emsisoft: Trojan.GenericKDZ.76500 (B)
Ikarus: Trojan.WinGo.Rozena
GData: Trojan.GenericKDZ.76500
Jiangmin: Trojan.Shelma.itx
Avira: HEUR/AGEN.1144634
MAX: malware (ai score=82)
Arcabit: Trojan.Generic.D12AD4
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Trojan/Win.Generic.R438124
AVG: Win64:WormX-gen [Wrm]

How to remove VHO:Trojan-Spy.Win32.Havex?

VHO:Trojan-Spy.Win32.Havex removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
