Worm:Win32/Eggnog.A information

The Worm:Win32/Eggnog.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Worm:Win32/Eggnog.A virus can do?

Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Likely virus infection of existing system binary
Anomalous binary characteristics

How to determine Worm:Win32/Eggnog.A?


File Info:
name: 1741C5AA8237286BA38B.mlw
path: /opt/CAPEv2/storage/binaries/7f1e0b9f406a4df549c9df262f0e083ab63725da59feed48d764d6d235dce7e9
crc32: FEA472F2
md5: 1741c5aa8237286ba38bf82d561aa44c
sha1: 66395a5126f1c4df3dc16211fb3d881ca754a152
sha256: 7f1e0b9f406a4df549c9df262f0e083ab63725da59feed48d764d6d235dce7e9
sha512: 074add03b2f0e3d659ead80424b8aab476b5f902934a8a891a06eafd84bb33cc9712e5e526b49d7950f38f1a5d4b2e7bad879b434785c620a2fd438c741b61ce
ssdeep: 768:2CmgvL73+kEJ63H8Uu+3KoNMCRQ7wQcOHcF4o6Qf9iGIooeomi9sff6O:2CXvtOyymQRiZ6qXIjj96H
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D333CF42F5C08973C9A186FCDD07E229BE6EBB111E11189B3FF90F8DD969507483E2A1
sha3_384: 128442181338f1193e554837be24e333f0182809d478455273c9281a598897c242cab6c6855a1a90797c986c563ee6be
ep_bytes: 558bec83c4f0b81c584000e84cd1ffff
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

Worm:Win32/Eggnog.A also known as:

Bkav	W32.FamVT.EggogKA.Worm
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Trojan.P2P-Worm.dGY@aGDgc0g
FireEye	Generic.mg.1741c5aa8237286b
CAT-QuickHeal	Worm.Eggnog.B8
ALYac	Gen:Trojan.P2P-Worm.dGY@aGDgc0g
Cylance	Unsafe
Zillya	Worm.Eggnog.Win32.1
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	EmailWorm ( 00556f041 )
K7GW	EmailWorm ( 005327141 )
Cybereason	malicious.a82372
BitDefenderTheta	AI:Packer.67EA300321
Cyren	W32/Eggnog.VVTN-2043
Symantec	W32.HLLW.Eggnog
ESET-NOD32	Win32/Eggnog.A
Baidu	Win32.Worm.Eggnog.a
TrendMicro-HouseCall	WORM_EGGNOG.SMI
ClamAV	Win.Worm.Fearso-7358009-0
Kaspersky	P2P-Worm.Win32.Eggnog.a
BitDefender	Gen:Trojan.P2P-Worm.dGY@aGDgc0g
NANO-Antivirus	Trojan.Win32.Eggnog.emlu
Avast	Win32:Eggnog [Wrm]
Rising	Worm.P2p.Eggnog.a (CLASSIC)
Ad-Aware	Gen:Trojan.P2P-Worm.dGY@aGDgc0g
Sophos	ML/PE-A + W32/Eggnog-A
Comodo	Worm.Win32.Eggnog.A@2e2v
DrWeb	Win32.HLLW.Google.24576
VIPRE	BehavesLike.Win32.Malware.tsc (mx-v)
TrendMicro	WORM_EGGNOG.SMI
McAfee-GW-Edition	BehavesLike.Win32.Eggnog.pc
SentinelOne	Static AI – Malicious PE
Emsisoft	Gen:Trojan.P2P-Worm.dGY@aGDgc0g (B)
APEX	Malicious
GData	Win32.Worm.Fearso.A
Jiangmin	Worm/Eggnog.edc
MaxSecure	Worm.Eggnog.a
Avira	WORM/Eggnog.A
Antiy-AVL	Trojan/Generic.ASBOL.BAC
Arcabit	Trojan.P2P-Worm.E6BA10
ViRobot	Worm.Win32.Eggnog.25017
Microsoft	Worm:Win32/Eggnog.A
Cynet	Malicious (score: 100)
AhnLab-V3	Win32/Eggnog.worm.25017
Acronis	suspicious
McAfee	W32/Eggnog.worm.gen
MAX	malware (ai score=84)
VBA32	Worm.Eggnog
Malwarebytes	Malware.AI.2878212836
Tencent	Trojan.Win32.BitCoinMiner.la
Yandex	Trojan.GenAsa!EU7uvRL87VA
Ikarus	Email-Worm.Win32.Fearso
eGambit	Unsafe.AI_Score_100%
Fortinet	W32/Eggnog.E!worm
AVG	Win32:Eggnog [Wrm]
Panda	Generic Suspicious
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Worm:Win32/Eggnog.A?

Worm:Win32/Eggnog.A removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X