Win32:Zbot-QKF [Trj] malicious file

Win32:Zbot-QKF [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:Zbot-QKF [Trj] virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32:Zbot-QKF [Trj]?


File Info:

name: 90BD5BD50536C6118B6E.mlw
path: /opt/CAPEv2/storage/binaries/39d1df5a039990da331d160804f636ee0cb6b73a02628d303efe92ae369d65f0
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-01-22 17:59:04

Version Info:

0: [No Data]

Win32:Zbot-QKF [Trj] also known as:

Bkav                  W32.AIDetect.malware1
Elastic               malicious (high confidence)
FireEye               Generic.mg.90bd5bd50536c611
Zillya                Trojan.Bublik.Win32.6813
K7AntiVirus           Trojan ( 0040f26d1 )
K7GW                  Trojan ( 0040f26d1 )
CrowdStrike           win/malicious_confidence_70% (W)
Cyren                 W32/Zbot.FO.gen!Eldorado
Symantec              Packed.Generic.406
APEX                  Malicious
Kaspersky             Trojan.Win32.Bublik.abyt
NANO-Antivirus        Trojan.Win32.Zbot.bobpxq
Avast                 Win32:Zbot-QKF [Trj]
Sophos                Troj/Zbot-DUZ
Comodo                TrojWare.Win32.Kazy.DFFE@4yswuj
DrWeb                 Trojan.PWS.Panda.2401
VIPRE                 Virtool.Win32.Obfuscator.as!c (v)
TrendMicro            TSPY_ZBOT.SMAM
McAfee-GW-Edition     PWS-Zbot-FAKU!90BD5BD50536
SentinelOne           Static AI – Suspicious PE
Jiangmin              Trojan.Bublik.dwi
Avira                 TR/Kazy.139169784
Microsoft             Trojan:Win32/Woreflint.A!cl
ZoneAlarm             Trojan.Win32.Bublik.abyt
Cynet                 Malicious (score: 100)
McAfee                PWS-Zbot-FAKU!90BD5BD50536
TrendMicro-HouseCall  TSPY_ZBOT.SMAM
Rising                Malware.Heuristic!ET#77% (RDMK:cmRtazrtnYmjM3Fh0riji4NWcyZz)
Fortinet              W32/Zbot.DHN!tr
AVG                   Win32:Zbot-QKF [Trj]
Cybereason            malicious.50536c
Panda                 Trj/Hexas.HEU

How to remove Win32:Zbot-QKF [Trj]?

Win32:Zbot-QKF [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.