Categories: Trojan

Win32/TrojanClicker.VB.NEH information

The Win32/TrojanClicker.VB.NEH is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/TrojanClicker.VB.NEH virus can do?

Creates RWX memory
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/TrojanClicker.VB.NEH?


File Info:
crc32: 7C383F3Cmd5: 0882a0a675617d632157301c77bf15e7name: 0882A0A675617D632157301C77BF15E7.mlwsha1: 9cb1963b96b46bb9ac9670270d731af945447113sha256: 8125320d758257ffc6f7f8065d38a6c1301b2b7518b5294c5fd8eeb243822564sha512: 2c5481bfa5ee279953918ca744a45660820100ba2fb6935eb1b0d02c396286a7210c9ab5b3ae1d342d416f12091406e22ffbca58f58dd64e1099c320791f923bssdeep: 768:KdzmQu1Tk7JVYVGfq2HHyownu+Gs2GX0pnYdC3S:Ku1cJV5q4yot+Gs2+UoC3Stype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
Translation: 0x0804 0x04b0LegalCopyright: x8001x4e01x538bx7f29x6587x4ef6x5408x5e76x5668InternalName: dingFileVersion: 1.03CompanyName: x8001x4e01x538bx7f29x6587x4ef6x5408x5e76x5668LegalTrademarks: x8001x4e01x538bx7f29x6587x4ef6x5408x5e76x5668Comments: x8001x4e01x538bx7f29x6587x4ef6x5408x5e76x5668ProductName: x8001x4e01x538bx7f29x6587x4ef6x5408x5e76x5668ProductVersion: 1.03FileDescription: x8001x4e01x538bx7f29x6587x4ef6x5408x5e76x5668OriginalFilename: ding.exe

Win32/TrojanClicker.VB.NEH also known as:

Bkav	W32.AIDetect.malware2
Lionic	Worm.Win32.Fujack.kYPi
Elastic	malicious (high confidence)
DrWeb	BackDoor.Bifrost.4698
Cynet	Malicious (score: 100)
ALYac	Backdoor.Bifrose.CC
Cylance	Unsafe
Zillya	Backdoor.Bifrose.Win32.60018
Sangfor	Trojan.Win32.DSSDetection.mt
CrowdStrike	win/malicious_confidence_80% (D)
Alibaba	TrojanClicker:Win32/Mondera.dd56c2e3
K7GW	Trojan ( 700001211 )
Cybereason	malicious.675617
Cyren	W32/RLPacked.A.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/TrojanClicker.VB.NEH
APEX	Malicious
Avast	Win32:Trojan-gen
ClamAV	Win.Dropper.Gh0stRAT-7414189-0
Kaspersky	Trojan.Win32.Mondera.bz
BitDefender	Gen:Packer.RLPack.A.bi0@a4Sw!Ceb
NANO-Antivirus	Trojan.Win32.Bifrose.jklu
ViRobot	Backdoor.Win32.Bifrose.32744
MicroWorld-eScan	Gen:Packer.RLPack.A.bi0@a4Sw!Ceb
Tencent	Win32.Trojan.Mondera.Gbq
Ad-Aware	Gen:Packer.RLPack.A.bi0@a4Sw!Ceb
Sophos	ML/PE-A
Comodo	Backdoor@#26mknh9j2oq45
BitDefenderTheta	AI:Packer.027AD48520
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R007C0PGU21
McAfee-GW-Edition	BehavesLike.Win32.HLLP.nc
FireEye	Generic.mg.0882a0a675617d63
Emsisoft	Gen:Packer.RLPack.A.bi0@a4Sw!Ceb (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Backdoor/Bifrose.gws
Webroot	W32.Malware.Gen
Avira	TR/Crypt.XPACK.Gen
Kingsoft	Win32.Hack.Bifrose.(kcloud)
Microsoft	PWS:Win32/Zbot!ml
GData	Gen:Packer.RLPack.A.bi0@a4Sw!Ceb
TACHYON	Backdoor/W32.Bifrose.32744.B
Acronis	suspicious
McAfee	RDN/Generic BackDoor
MAX	malware (ai score=100)
VBA32	TScope.Malware-Cryptor.SB
Panda	Generic Malware
TrendMicro-HouseCall	TROJ_GEN.R007C0PGU21
Yandex	Backdoor.Bifrose!V3Kui0o1+Lc
Ikarus	Backdoor.Rbot
MaxSecure	Trojan.Malware.184167.susgen
Fortinet	PossibleThreat
AVG	Win32:Trojan-gen