Win32/TrojanClicker.Delf.NTJ (file analysis)

Win32/TrojanClicker.Delf.NTJ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanClicker.Delf.NTJ virus do?

  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Unconventional language used in binary resources: Russian
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Attempts to disable browser security warnings
  • Anomalous binary characteristics

Related domains:

www.internetcached.com
host-format.com

How to identify Win32/TrojanClicker.Delf.NTJ?

File Info:

crc32: C0BFD516
md5: f5230e71756a49244a7f18524a9c4824
name: F5230E71756A49244A7F18524A9C4824.mlw
sha1: d6f2e0e9a10eefcf24674b5c5646d3f4ba060f6d
sha256: d3e6754438f27b7e37a41030c919ffd6f700f189d801acd457cc422f8c856b51
sha512: 7f62f05cfc7ad35bde2c479de3e9ae004f93d828b3a63b255754fb5a469987b5852dcac2e7ebf5462a7c928d9f6cfc7a539abf4a729e63c2412a43d35311905f
ssdeep: 12288:J5BJqohzx3TCby51ASBpPLAhYtHpwDjXQuIu6JKwtajC2JT29:J5X5h9pXzPEh0pOL01DajZJT2
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/TrojanClicker.Delf.NTJ also known as:

Bkav W32.AIDetect.malware1
K7AntiVirus Trojan ( 0055e3e61 )
Lionic Trojan.Win32.Buzus.l5kR
Elastic malicious (high confidence)
DrWeb Trojan.Click2.35590
Cynet Malicious (score: 100)
ALYac Gen:Trojan.Agent.Delf.GY.UGW@aiBOIFjc
Cylance Unsafe
Zillya Trojan.Delf.Win32.75030
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_60% (D)
Alibaba Ransom:Win32/Blocker.c8161f3d
K7GW Trojan ( 0055e3e61 )
Cybereason malicious.1756a4
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/TrojanClicker.Delf.NTJ
APEX Malicious
Avast Win32:Wombot-B [Trj]
Kaspersky Trojan-Ransom.Win32.Blocker.cpcs
BitDefender Gen:Trojan.Agent.Delf.GY.UGW@aiBOIFjc
NANO-Antivirus Trojan.Win32.Blocker.fchkzc
MicroWorld-eScan Gen:Trojan.Agent.Delf.GY.UGW@aiBOIFjc
Tencent Win32.Trojan.Blocker.Eawh
Ad-Aware Gen:Trojan.Agent.Delf.GY.UGW@aiBOIFjc
Sophos Mal/Generic-S
Comodo Malware@#3795widxeiyt9
BitDefenderTheta AI:Packer.904286EC21
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win32.GenDownloader.bh
FireEye Generic.mg.f5230e71756a4924
Emsisoft Gen:Trojan.Agent.Delf.GY.UGW@aiBOIFjc (B)
SentinelOne Static AI – Malicious PE
Jiangmin Backdoor/Delf.wmd
Avira BDS/Backdoor.Gen
eGambit Generic.Malware
Antiy-AVL Trojan/Generic.ASMalwS.20EE06
Microsoft Backdoor:Win32/Wombot.A
Arcabit Trojan.Agent.Delf.GY.E61EBC
GData Gen:Trojan.Agent.Delf.GY.UGW@aiBOIFjc
Acronis suspicious
McAfee Artemis!F5230E71756A
MAX malware (ai score=100)
VBA32 Backdoor.Delf
Panda Trj/CI.A
Rising Trojan.Generic@ML.92 (RDML:gwA6/fih+2QXmhtRez6ogA)
Yandex Trojan.GenAsa!9NmcAracx20
Ikarus Trojan-Dropper.Delf
Fortinet W32/Blocker.CPCS!tr
AVG Win32:Wombot-B [Trj]
Paloalto generic.ml

How to remove Win32/TrojanClicker.Delf.NTJ?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
