
Win32/Pronny.AT (file analysis)


Win32/Pronny.AT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Pronny.AT virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • At least one process apparently crashed during execution
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/Pronny.AT?


File Info:

name: 7DB00B9B724F1D15EE9D.mlw
path: /opt/CAPEv2/storage/binaries/531bb345faa396c515dfb5a919ec2dd419aaff6dce8447a1591f0bd7d75537c2
crc32: 3C4F6222
md5: 7db00b9b724f1d15ee9d3c286021fccc
sha1: 0aabee7ff3dcfca8886158580f95b6af8c862e40
sha256: 531bb345faa396c515dfb5a919ec2dd419aaff6dce8447a1591f0bd7d75537c2
sha512: 11397e6e1a32f7d84af9a3f12934701b3b262f66f10d6a98fcd051b7133d6553c25cce471859fe2f3d95b735eded1e20ab1acccc086b7a0faaa67783992e3c37
ssdeep: 3072:7hPBd3csROnFQL5yIuSP9lqVinU3bp/PTm2moJ6BwA+GABMndgSq5Ei:7hJdF7PnqVinU3bw2moJ6WAdgBF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13534722563C0B73DEC24CBF9684C4390896BD93729D16C17E6C29747B6A2D27F6203A7
sha3_384: 2a67341ba6760fd5336c7db29d2bd1c356bcc57db6afd07bbe8789b0c90dd1a1d427ae565d502cad59630e61c7ad0cfb
ep_bytes: 68b4494000e8f0ffffff000000000000
timestamp: 2012-05-22 22:07:14

Version Info:

Translation: 0x0409 0x04b0
Comments: opj45345h546
CompanyName: asdg3453456456
FileDescription: i435j346456sd
LegalCopyright: asdf2354345456
LegalTrademarks: sadf35345sdsd
ProductName: sad2343254aaaa
FileVersion: 4.07.0001
ProductVersion: 4.07.0001
InternalName: zokvpm
OriginalFilename: zokvpm.exe

Win32/Pronny.AT also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.VbCrypt.60
MicroWorld-eScan: Gen:Heur.ManBat.1
FireEye: Generic.mg.7db00b9b724f1d15
CAT-QuickHeal: Worm.VobfusVMF.S20641095
ALYac: Gen:Heur.ManBat.1
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: EmailWorm ( 0054d10f1 )
K7GW: EmailWorm ( 0054d10f1 )
Cybereason: malicious.b724f1
BitDefenderTheta: Gen:NN.ZevbaF.34182.pm1@a4hAmlai
VirIT: Trojan.Win32.Zyx.KS
Cyren: W32/Vobfus.BE.gen!Eldorado
Symantec: W32.Changeup
ESET-NOD32: Win32/Pronny.AT
TrendMicro-HouseCall: WORM_VOBFUS.SMJO
ClamAV: Win.Trojan.Vobfus-19
Kaspersky: Worm.Win32.Vobfus.erzg
BitDefender: Gen:Heur.ManBat.1
NANO-Antivirus: Trojan.Win32.VB.ccwqss
SUPERAntiSpyware: Trojan.Agent/Gen-Faker
Avast: Win32:Agent-AZYN [Trj]
Tencent: Worm.Win32.Vobfus.n
Sophos: ML/PE-A + W32/AutoRun-BXJ
Comodo: TrojWare.Win32.VB.AVA@4paxk7
F-Secure: Trojan.TR/Dropper.VB.Gen
Baidu: Win32.Worm.Pronny.d
VIPRE: Worm.Win32.Vobfus.fi (v)
TrendMicro: WORM_VOBFUS.SMJO
McAfee-GW-Edition: BehavesLike.Win32.Fareit.dm
Emsisoft: Gen:Heur.ManBat.1 (B)
Ikarus: Worm.Win32.Vobfus
Avira: TR/Dropper.VB.Gen
Antiy-AVL: Worm/Win32.WBNA.gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ViRobot: Worm.Win32.A.WBNA.249856.AQ
ZoneAlarm: Worm.Win32.Vobfus.erzg
GData: Gen:Heur.ManBat.1
Cynet: Malicious (score: 100)
AhnLab-V3: Worm/Win32.WBNA.R26292
McAfee: VBObfus.ek
MAX: malware (ai score=85)
VBA32: BScope.Trojan.VB.Onechki
Malwarebytes: Worm.Obfuscator
APEX: Malicious
Rising: Worm.VobfusEx!1.99DC (CLASSIC)
Yandex: Trojan.GenAsa!bpPPm4EqFNw
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/VBKrypt.C!tr
AVG: Win32:Agent-AZYN [Trj]
Panda: W32/Vobfus.GEP.worm
CrowdStrike: win/malicious_confidence_100% (D)
MaxSecure: Worm.W32.WBNA.mnp

How to remove Win32/Pronny.AT?

Win32/Pronny.AT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
