W32.Triusor.A7 removal tips

W32.Triusor.A7 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the W32.Triusor.A7 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Checks for the presence of known devices from debuggers and forensic tools
  • Harvests cookies for information gathering
  • Anomalous binary characteristics

How to identify W32.Triusor.A7?


File Info:

name: 4C3890CF2C59A416B442.mlw
path: /opt/CAPEv2/storage/binaries/d464e64af355d875400a18f2bcb078f7580ad6f2ed1f4a92de86d4ce0cd1d656
crc32: 5A37E60B
md5: 4c3890cf2c59a416b44287416d0111da
sha1: e373b13f5a88cdd6768ec41073599d4936b661b7
sha256: d464e64af355d875400a18f2bcb078f7580ad6f2ed1f4a92de86d4ce0cd1d656
sha512: 8a2877ed72f7ddc037f1ece77f223f2062d473051d0b763556ca50a7bd3977c73146a194e4f7e5b5b6621a5c1d8625949f6ece6895ba7bdf4ab2fd29e83c3730
ssdeep: 12288:t5NaIk7nsp5pahQ2hkhsYvCpJZ2u4TsglaTN/:t5lB2hkhfvCpf2fTflW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T150A48D11B9918032C17378344679E2721DBEB9311E31568F63DE0EB96F740D1AB2AB6F
sha3_384: dee0cf74357bebd2b6b271485b19c55ef352c1dbb9533c086047dd4a86339befd8d98f7316d5b63bbe936ed1ca8ae157
ep_bytes: 558bec6aff680881470068d840470064
timestamp: 2016-12-13 17:04:22

Version Info:

0: [No Data]

W32.Triusor.A7 also known as:

Lionic: Virus.Win32.Agent.n!c
DrWeb: Win32.HLLW.Unjap.293
MicroWorld-eScan: Win32.Triusor.A
FireEye: Generic.mg.4c3890cf2c59a416
CAT-QuickHeal: W32.Triusor.A7
McAfee: W32/Triusor.A
Cylance: Unsafe
VIPRE: Win32.Triusor.A
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Riskware ( 00584baa1 )
Alibaba: Malware:Win32/km_2e9569.None
K7GW: Riskware ( 00584baa1 )
Cybereason: malicious.f2c59a
Arcabit: Win32.Triusor.A
BitDefenderTheta: AI:FileInfector.AD9B3E700F
VirIT: Win32.Unjap.A
Cyren: W32/Triusor.A
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Resur.I
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Triusor-6911609-0
Kaspersky: Virus.Win32.Agent.fn
BitDefender: Win32.Triusor.A
NANO-Antivirus: Virus.Win32.Infector.eazaig
Avast: Win32:Malware-gen
Tencent: Virus.Win32.Agent.fn
Ad-Aware: Win32.Triusor.A
Emsisoft: Win32.Triusor.A (B)
Comodo: TrojWare.Win32.Nimnul.A@5waoem
TrendMicro: Virus.Win32.TRIUSOR.A
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.gh
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A + W32/Triusor-A
SentinelOne: Static AI – Suspicious PE
Google: Detected
Antiy-AVL: Trojan/Generic.ASBOL.C6FF
Microsoft: Virus:Win32/Triusor.A
ZoneAlarm: Virus.Win32.Agent.fn
GData: Win32.Trojan.PSE.UIYZ5Q
Cynet: Malicious (score: 100)
AhnLab-V3: Win32/Resur.X1604
VBA32: Virus.Win32.Triusor
ALYac: Win32.Triusor.A
MAX: malware (ai score=84)
Malwarebytes: Malware.Heuristic.1008
TrendMicro-HouseCall: Virus.Win32.TRIUSOR.A
Rising: Virus.Resur!1.B42C (CLASSIC)
Yandex: Trojan.GenAsa!BugRQtpcKNg
Ikarus: Virus.Win32.Resur
MaxSecure: Virus.Agent.FN
Fortinet: W32/Agent.FN
AVG: Win32:Malware-gen
Panda: Trj/Chgt.AC
CrowdStrike: win/malicious_confidence_70% (W)

How to remove W32.Triusor.A7?

W32.Triusor.A7 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
