Trojan.Spy.Banker.VCM

By CagedTech in Trojans

Threat Scorecard

Ranking:	11,349
Threat Level:	80 % (High)
Infected Computers:	11,251

First Seen:	May 7, 2013
Last Seen:	September 3, 2023
OS(es) Affected:	Windows

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Ikarus	Win32.SuspectCrc
AntiVir	TR/Graftor.36646
Comodo	TrojWare.Win32.TrojanDownloader.Dadobra.~JH9
BitDefender	Gen:Variant.Zusy.12143
eSafe	Suspicious File
McAfee	Artemis!6BD864794F9C
Panda	Trj/DataRecovery.A
AVG	PSW.Banker6.AHNA
Fortinet	W32/Banker.YLX!tr
Ikarus	Trojan.Hijacker
AhnLab-V3	Trojan/Win32.Hijacker
Microsoft	TrojanSpy:Win32/Banker.VCM
AntiVir	TR/Hijacker.Gen
DrWeb	Trojan.DownLoad3.16249
Comodo	UnclassifiedMalware

SpyHunter Detects & Remove Trojan.Spy.Banker.VCM

File System Details

Trojan.Spy.Banker.VCM may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	CortanaPTBR.dll	5a0639bcf2df55d4171845bbaba3ee80	73
Name: CortanaPTBR.dll MD5: 5a0639bcf2df55d4171845bbaba3ee80 Size: 969.72 KB (969728 bytes) Detections: 73 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\65B308AA-C002-5813-2065-2CD8BCA76E12\UX3030 Group: Malware file Last Updated: August 25, 2017
2.	CortanaPTBR.dll	05055b03efa216e8542b70571973b12c	33
Name: CortanaPTBR.dll MD5: 05055b03efa216e8542b70571973b12c Size: 969.72 KB (969728 bytes) Detections: 33 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\7C7C5B73-06D0-3D4B-2F1B-82CCCB324467\FA3030 Group: Malware file Last Updated: August 25, 2017
3.	tHov8F2.cpl	dec4c99540599f9a7c6ad500ff7c2d8a	25
Name: tHov8F2.cpl MD5: dec4c99540599f9a7c6ad500ff7c2d8a Size: 878.08 KB (878080 bytes) Detections: 25 Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\tHov8F2.cpl Group: Malware file Last Updated: September 28, 2020
4.	CortanaPTBR.dll	c1998df193d5b5258c150afa0cef5337	7
Name: CortanaPTBR.dll MD5: c1998df193d5b5258c150afa0cef5337 Size: 965.12 KB (965120 bytes) Detections: 7 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\WGUOEA-FJUU2O-22TAHA-UUZNSA-WGUNHE\GG2026 Group: Malware file Last Updated: August 25, 2017
5.	IFrameDynamic.dll	e17b47cb66f255ec68b62a77dc9c5b73	7
Name: IFrameDynamic.dll MD5: e17b47cb66f255ec68b62a77dc9c5b73 Size: 713.21 KB (713216 bytes) Detections: 7 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\WGUOEA-FJUU2O-22TAHA-UUZNSA-WGUNHE\GG2026 Group: Malware file Last Updated: August 25, 2017
6.	IFrameDynamic.dll	90bb77c96238cc27fcf2e43dc6e0a6bb	5
Name: IFrameDynamic.dll MD5: 90bb77c96238cc27fcf2e43dc6e0a6bb Size: 713.21 KB (713216 bytes) Detections: 5 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\B54B58E7-C2F4-EF6D-FD8B-AE07C678CA64\MT2029 Group: Malware file Last Updated: August 25, 2017
7.	CortanaPTBR.dll	9b69c640aa7e93862c5c0010f12ef632	5
Name: CortanaPTBR.dll MD5: 9b69c640aa7e93862c5c0010f12ef632 Size: 967.16 KB (967168 bytes) Detections: 5 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\00537E74-2168-58A2-31AB-C7C0802A481F\AP3030 Group: Malware file Last Updated: August 25, 2017
8.	iOSPhoneProtect.dll	e5e71f523e6675255e63d23a78a4e3a0	5
Name: iOSPhoneProtect.dll MD5: e5e71f523e6675255e63d23a78a4e3a0 Size: 965.63 KB (965632 bytes) Detections: 5 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\24D81277-CED8-0E0E-8465-A50F41F760A5\FA3031 Group: Malware file Last Updated: December 18, 2019
9.	CortanaPTBR.dll	4fd773153c559e88de149f6f058e4797	3
Name: CortanaPTBR.dll MD5: 4fd773153c559e88de149f6f058e4797 Size: 969.21 KB (969216 bytes) Detections: 3 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\CEF6CEAA-6C57-B2B8-00D8-FB2321314807\MT2028 Group: Malware file Last Updated: August 25, 2017
10.	CortanaPTBR.dll	27a0247c5402afddfe998d8293692b90	3
Name: CortanaPTBR.dll MD5: 27a0247c5402afddfe998d8293692b90 Size: 965.63 KB (965632 bytes) Detections: 3 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\7CD7D17C-5D72-D21F-C4BE-CAF3E3A54EE3\BJ2027 Group: Malware file Last Updated: August 25, 2017
11.	CortanaPTBR.dll	48e0d99dba5a7d2f4bfae8ef30705e14	3
Name: CortanaPTBR.dll MD5: 48e0d99dba5a7d2f4bfae8ef30705e14 Size: 967.68 KB (967680 bytes) Detections: 3 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\DOYIRN-OLCCYC-YUYLI0-8KUYAN-F0QFOO\SA3025 Group: Malware file Last Updated: August 25, 2017
12.	NativeDebian9.dll	063479e6aa1a0141986da3ebbc7ea8dc	2
Name: NativeDebian9.dll MD5: 063479e6aa1a0141986da3ebbc7ea8dc Size: 704 KB (704000 bytes) Detections: 2 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\04D02833-ECF4-00BB-2725-62B8E26B5C05\AP3031 Group: Malware file Last Updated: August 26, 2017
13.	NativeDebian9.dll	ec612cc10c0d17d39a8fd51fae9d51f1	2
Name: NativeDebian9.dll MD5: ec612cc10c0d17d39a8fd51fae9d51f1 Size: 699.39 KB (699392 bytes) Detections: 2 Type: Dynamic link library Path: %APPDATA%\Microsoft\Network\E2FB85AF-DE4B-AFAE-23F7-146CF0EEC6BC\PI3032 Group: Malware file Last Updated: August 26, 2017
14.	iOSPhoneProtect.dll	8a8a7776ba50fac106a1a0bde39bd8a1	2
Name: iOSPhoneProtect.dll MD5: 8a8a7776ba50fac106a1a0bde39bd8a1 Size: 969.72 KB (969728 bytes) Detections: 2 Type: Dynamic link library Path: %APPDATA%\Microsoft\Network\E2FB85AF-DE4B-AFAE-23F7-146CF0EEC6BC\PI3032 Group: Malware file Last Updated: August 26, 2017
15.	iOSPhoneProtect.dll	d6be8ebbd7e89a4ff59715314d415ca8	2
Name: iOSPhoneProtect.dll MD5: d6be8ebbd7e89a4ff59715314d415ca8 Size: 967.16 KB (967168 bytes) Detections: 2 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\6834AB16-D567-F86F-EFB1-73461FD4DDFA\FA3031 Group: Malware file Last Updated: August 26, 2017
16.	CortanaPTBR.dll	51bc6e076e8cc2ad38904bf166eec1a5	1
Name: CortanaPTBR.dll MD5: 51bc6e076e8cc2ad38904bf166eec1a5 Size: 969.21 KB (969216 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\5FD1D444-40A8-84F6-8E66-714C6B3E1FF6\NO2027 Group: Malware file Last Updated: August 25, 2017
17.	IFrameDynamic.dll	85298146b1d991bc7d61af646664cadb	1
Name: IFrameDynamic.dll MD5: 85298146b1d991bc7d61af646664cadb Size: 709.63 KB (709632 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\5FD1D444-40A8-84F6-8E66-714C6B3E1FF6\NO2027 Group: Malware file Last Updated: August 25, 2017
18.	CortanaPTBR.dll	5ab833befda4289c590cd59ce4f9ad64	1
Name: CortanaPTBR.dll MD5: 5ab833befda4289c590cd59ce4f9ad64 Size: 967.16 KB (967168 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\FD14FCA8-5673-4105-2C45-02ABD4B73AF3\OV3030 Group: Malware file Last Updated: August 25, 2017
19.	CortanaPTBR.dll	be39ba009af52eb8723f61bcce28c5a1	1
Name: CortanaPTBR.dll MD5: be39ba009af52eb8723f61bcce28c5a1 Size: 969.21 KB (969216 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\9THFWT-VCY3X7-M7PVMH-BVJSZ2-C4GLKQ\GG2028 Group: Malware file Last Updated: August 25, 2017
20.	CortanaPTBR.dll	f5d90caa15dcc12f0758cc341f78534e	1
Name: CortanaPTBR.dll MD5: f5d90caa15dcc12f0758cc341f78534e Size: 965.63 KB (965632 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\B8C6A15D-4EFA-CDA8-A403-76A045CA455F\DR3027 Group: Malware file Last Updated: August 25, 2017
21.	IFrameDynamic.dll	180eec95401186607ffcc8df8ed7c190	1
Name: IFrameDynamic.dll MD5: 180eec95401186607ffcc8df8ed7c190 Size: 699.39 KB (699392 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\B8C6A15D-4EFA-CDA8-A403-76A045CA455F\DR3027 Group: Malware file Last Updated: August 25, 2017
22.	CortanaPTBR.dll	c1b09ba3b5ff31aba42becc11744e605	1
Name: CortanaPTBR.dll MD5: c1b09ba3b5ff31aba42becc11744e605 Size: 969.21 KB (969216 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\B54B58E7-C2F4-EF6D-FD8B-AE07C678CA64\MT2029 Group: Malware file Last Updated: August 25, 2017
23.	IFrameDynamic.dll	14d717f08ee9d08b3b7da53689a4a33f	1
Name: IFrameDynamic.dll MD5: 14d717f08ee9d08b3b7da53689a4a33f Size: 893.45 KB (893450 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\3EBC3B17-F740-5168-7517-7ACEBE4ABB3A\BJ3027 Group: Malware file Last Updated: August 25, 2017
24.	iOSPhoneProtect.dll	b7f947331e04b2eb1a7e69be38b5609e	1
Name: iOSPhoneProtect.dll MD5: b7f947331e04b2eb1a7e69be38b5609e Size: 10.3 MB (10306560 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\8B470CE1-5C47-2440-7B4A-300D62D4C11A\PI3031 Group: Malware file Last Updated: August 26, 2017
25.	NativeDebian9.dll	178cc1b894b7866488a0c416aba07374	1
Name: NativeDebian9.dll MD5: 178cc1b894b7866488a0c416aba07374 Size: 2.52 MB (2521088 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Protect\8B470CE1-5C47-2440-7B4A-300D62D4C11A\PI3031 Group: Malware file Last Updated: August 26, 2017
26.	iOSPhoneProtect.dll	68aba3d4eb40cd71eb6c7aa7973d6e43	1
Name: iOSPhoneProtect.dll MD5: 68aba3d4eb40cd71eb6c7aa7973d6e43 Size: 966.65 KB (966656 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Network\Redes\B672E7F1-C31B-BD38-2B7C-61B77FBE4813\DR3033 Group: Malware file Last Updated: August 26, 2017
27.	NativeDebian9.dll	2813f64a6d13de2c18c68bea982ffc04	1
Name: NativeDebian9.dll MD5: 2813f64a6d13de2c18c68bea982ffc04 Size: 702.46 KB (702464 bytes) Detections: 1 Type: Dynamic link library Path: %APPDATA%\Microsoft\Network\Redes\B672E7F1-C31B-BD38-2B7C-61B77FBE4813\DR3033 Group: Malware file Last Updated: August 26, 2017
28.	banker.exe	b77925834fa4a5a72ea7c4ebfc92b3eb	1
Name: banker.exe MD5: b77925834fa4a5a72ea7c4ebfc92b3eb Size: 923.13 KB (923136 bytes) Detections: 1 Type: Executable File Path: C:\Users\<username>\Desktop Group: Malware file Last Updated: April 4, 2018
29.	file.exe	142ebfa97041ca2beec66f9e8dfd07e4	0
Name: file.exe MD5: 142ebfa97041ca2beec66f9e8dfd07e4 Size: 4.02 MB (4021792 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: June 18, 2017

More files

Registry Details

Trojan.Spy.Banker.VCM may create the following registry entry or registry entries:

Regexp file mask

%ALLUSERSPROFILE%\Skype\ssScreenVVS2.exe

%APPDATA%\AdobeARM\AdobeARM.exe

%APPDATA%\Microsoft\GoogleTranslator.dll

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\settings.vbe

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.vbe

%APPDATA%\winsystem32.dll

%TEMP%\ProcessEX.exe

%WINDIR%\help\tmp52[NUMBERS].dat

%WINDIR%\System32\drivers\prifass.sys

%WINDIR%\winsb\sidebarsql.exe

Directories

Trojan.Spy.Banker.VCM may create the following directory or directories:

%ALLUSERSPROFILE%\ASX\ProgramData

%APPDATA%\SisPlugin

%APPDATA%\system16

%appdata%\SASD41310

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Trojan.Spy.Banker.VCM

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Trojan.Spy.Banker.VCM

File System Details

Registry Details

Directories

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen