Win32/TrojanDownloader.Banload.YNB information

Win32/TrojanDownloader.Banload.YNB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDownloader.Banload.YNB virus do?

  • Creates RWX memory
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Checks for the presence of known windows from debuggers and forensic tools
  • Exhibits possible ransomware file modification behavior
  • Network activity detected but not expressed in API logs
  • Attempts to identify installed analysis tools by a known file location
  • Attempts to identify installed AV products by installation directory
  • Anomalous binary characteristics

Related domains:

www.mediafire.com

How to identify Win32/TrojanDownloader.Banload.YNB?

File Info:

crc32: 2AC2CAB9
md5: 113a537d02f795488611518c9e4419c2
name: 113A537D02F795488611518C9E4419C2.mlw
sha1: 583dc70e41f912996786f71792722ac0414a5ae7
sha256: e927ab3f91b02b2abe2f09c4af698fc21671d0bb210d1e0187fb76ca7a5589bb
sha512: 7f8dcf6882f3456399fd63147a530a834c7c616e9e28090999739fdcfa0bbc0673ea88fa78b7816fa900c263ee2b5f1e221119d868b401cc9e1a82fe6b092c97
ssdeep: 98304:DFjg3JV4MLB71PtJU/P/OgxBaNYPgMq1+lU8kcQj8WbPPekP+XWowkispyUXJv:2bbPtJUP1Pq1+lU/ctWbPf+IkiQ9
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Ryno Pc Computech Copyright (C)
InternalName: Ryno Pc Computech
FileVersion: 18.5.4.7
CompanyName: Ryno Pc Computech
LegalTrademarks: Ryno Pc Computech
ProductName: Ryno Pc Computech
ProgramID: RynoPcComputech
ProductVersion: 18.5.4.7
FileDescription: Ryno Pc Computech
OriginalFilename: Ryno Pc Computech
Translation: 0x0409 0x04e4

Win32/TrojanDownloader.Banload.YNB also known as:

Bkav: W32.AIDetectVM.malware1
McAfee: Artemis!113A537D02F7
Cylance: Unsafe
BitDefenderTheta: Gen:NN.ZelphiF.34688.@V0@a4f8!fnO
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: UDS:DangerousObject.Multi.Generic
F-Secure: Heuristic.HEUR/AGEN.1138799
McAfee-GW-Edition: BehavesLike.Win32.Dropper.wh
SentinelOne: Static AI – Suspicious PE
Avira: HEUR/AGEN.1138799
Microsoft: Program:Win32/Wacapew.C!ml
AegisLab: Trojan.Win32.Generic.4!c
ZoneAlarm: UDS:DangerousObject.Multi.Generic
ESET-NOD32: a variant of Win32/TrojanDownloader.Banload.YNB
Ikarus: Win32.Outbreak
Fortinet: W32/Banload.YNB!tr.dldr
AVG: FileRepMalware

How to remove Win32/TrojanDownloader.Banload.YNB?

Win32/TrojanDownloader.Banload.YNB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.