Win32:Pronny-N [Trj] removal

Win32:Pronny-N [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:Pronny-N [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded pe malware family
  • Attempts to disable Windows Auto Updates
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Win32:Pronny-N [Trj]?


File Info:

name: 74DDC1005A62D20C30F3.mlw
path: /opt/CAPEv2/storage/binaries/104604407afe094ce85c4da2781a110b376005b74d9e9dca410cf8aa4cd36c76
crc32: 1C3F62E6
md5: 74ddc1005a62d20c30f37995721bedd9
sha1: 2cbe17662f86459b896f1f11a2ac6acfccffd442
sha256: 104604407afe094ce85c4da2781a110b376005b74d9e9dca410cf8aa4cd36c76
sha512: c638c22def7ef0895106fc7a2b8983883c37ed1e80cf48579a3ffb26ecca3a3986ee3dd88abb14f7e4bb65621f75df4fffac28ac4d9cad83a0a41c1201499ab6
ssdeep: 6144:jt6mzGXoYZpDPCPLa64fmdK+dtT462XvjgQAwzDTwgQP:jcNpGTa64edrtL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T177347425A3D0FB3DE864C6F82854469058AAAE3358D1EC17F6D19B0A77B1E57F220373
sha3_384: 9bb2352ccfe6904df1f121b4dad6c44f21960f23efea89bddb2b02216672bffe67cb57ef868f03abce1e6f9b94fb059a
ep_bytes: 68ec4d4000e8eeffffff000068000000
timestamp: 2012-06-06 06:24:26

Version Info:

Translation: 0x0409 0x04b0
Comments: Potresti regaler Caleidoscopio
CompanyName: Gadoidea
FileDescription: Praecuneus Ungrained Comrades
LegalCopyright: pylorus peripateticate constituent
LegalTrademarks: redive
ProductName: postfixation
FileVersion: 80.00
ProductVersion: 80.00
InternalName: jourjxyn
OriginalFilename: jourjxyn.exe

Win32:Pronny-N [Trj] also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Trojan.VbCrypt.81
MicroWorld-eScan: Gen:Variant.Symmi.769
CAT-QuickHeal: Trojan.Beebone.D
Skyhigh: BehavesLike.Win32.VBObfus.dm
McAfee: VBObfus.ek
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: EmailWorm ( 0054d10f1 )
K7GW: EmailWorm ( 0054d10f1 )
Cybereason: malicious.05a62d
BitDefenderTheta: Gen:NN.ZevbaF.36802.om0@aC8S!Qdi
VirIT: Trojan.Win32.SHeur4.AHIO
Symantec: W32.Changeup
ESET-NOD32: Win32/Pronny.AY
APEX: Malicious
TrendMicro-HouseCall: WORM_VOBFUS.SM01
ClamAV: Win.Trojan.Changeup-6169544-0
Kaspersky: Worm.Win32.Vobfus.erpb
BitDefender: Gen:Variant.Symmi.769
NANO-Antivirus: Trojan.Win32.Kazy.crgjde
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
Avast: Win32:Pronny-N [Trj]
Rising: Worm.AutoRun!1.E3CB (CLASSIC)
Emsisoft: Gen:Variant.Symmi.769 (B)
F-Secure: Trojan.TR/Kazy.74760.38
Baidu: Win32.Worm.Pronny.d
VIPRE: Gen:Variant.Symmi.769
TrendMicro: WORM_VOBFUS.SM01
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.74ddc1005a62d20c
Sophos: Mal/SillyFDC-W
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=84)
Google: Detected
Avira: TR/Kazy.74760.38
Varist: W32/Vobfus.BE.gen!Eldorado
Antiy-AVL: Worm/Win32.WBNA.gen
Microsoft: Worm:Win32/Vobfus.gen!R
Xcitium: Worm.Win32.Pronny.AK@4ogvoo
Arcabit: Trojan.Symmi.769
ViRobot: Trojan.Win32.A.Diple.241664.GE
ZoneAlarm: Worm.Win32.Vobfus.erpb
GData: Gen:Variant.Symmi.769
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Jorik.R27224
Acronis: suspicious
VBA32: BScope.Trojan.Diple
ALYac: Gen:Variant.Symmi.769
TACHYON: Worm/W32.Vobfus.241664.C
Cylance: unsafe
Panda: W32/Vobfus.GEW.worm
Zoner: Trojan.Win32.90019
Tencent: Worm.Win32.Vobfus.n
Ikarus: Trojan.Win32.Diple
Fortinet: W32/VBKrypt.C!tr
AVG: Win32:Pronny-N [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)
alibabacloud: Trojan:Win/Vobfus.f7257a6c

How to remove Win32:Pronny-N [Trj]?

Win32:Pronny-N [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
