Simda.Backdoor.Stealer.DDS removal

The Simda.Backdoor.Stealer.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Simda.Backdoor.Stealer.DDS virus can do?

Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
The binary likely contains encrypted or compressed data.
Uses Windows utilities for basic functionality
Network activity detected but not expressed in API logs
Creates a copy of itself
Creates a slightly modified copy of itself
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Simda.Backdoor.Stealer.DDS?


File Info:
crc32: 837697CF
md5: c39e652b20ed4d0de6e6525c32ee71a5
name: C39E652B20ED4D0DE6E6525C32EE71A5.mlw
sha1: 573a7d613ce9065f8eed009c4fe4e8ad112b5f11
sha256: 18abd743b8deabc0a54c637231d35ed90748ce006d192393f7ee14e10b5a083b
sha512: afd17cb0feced3992453d518e45da3d4a911bb874c235f478ec5b9a181b115bdd7c855cfcad2af9fdbfb386d7b997cb362345c7a9addef6d228964df127253bb
ssdeep: 6144:K6p2sSxTrGvsFUejWyZr3hPswa1TZjxzF:KwaTbFUe5Zrxw3Z
type: MS-DOS executable, MZ for MS-DOS

Version Info:
0: [No Data]

Simda.Backdoor.Stealer.DDS also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.317803
CAT-QuickHeal	Trojan.Shifu
ALYac	Gen:Variant.Zusy.317803
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Win.Malware.Shifu-6804440-0
K7AntiVirus	Spyware ( 005228cb1 )
BitDefender	Gen:Variant.Zusy.317803
K7GW	Spyware ( 005228cb1 )
Cybereason	malicious.b20ed4
Cyren	W32/S-7a16e605!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Shifu-B [Trj]
ClamAV	Win.Trojan.Shifu-6330434-1
Kaspersky	Trojan-Banker.Win32.Shifu.eph
NANO-Antivirus	Trojan.Win32.Shiz.dvsrfy
ViRobot	Trojan.Win32.Agent.168448.U
Rising	Ransom.Blocker!8.12A (TFE:dGZlOgLaeyYIjEMjGQ)
Ad-Aware	Gen:Variant.Zusy.317803
Emsisoft	Gen:Variant.Zusy.317803 (B)
Comodo	TrojWare.Win32.Spy.Shiz.NCA@8m98i8
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.MulDrop7.20629
Zillya	Trojan.Shifu.Win32.360
TrendMicro	TROJ_GEN.R03BC0DBQ21
McAfee-GW-Edition	BehavesLike.Win32.Generic.dc
FireEye	Generic.mg.c39e652b20ed4d0d
Sophos	ML/PE-A + Troj/Shifu-I
Ikarus	Trojan-Banker.ShiFu
Jiangmin	Trojan.Yakes.akc
Avira	TR/Dropper.Gen
eGambit	Unsafe.AI_Score_95%
Antiy-AVL	Trojan/Win32.TSGeneric
Microsoft	Trojan:Win32/Upatre
Gridinsoft	Trojan.Win32.Packed.bot!s1
Arcabit	Trojan.Zusy.D4D96B
ZoneAlarm	Trojan-Banker.Win32.Shifu.eph
GData	Win32.Trojan-Spy.Shiz.D
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Shifu.C2756321
Acronis	suspicious
McAfee	GenericRXGM-ZQ!C39E652B20ED
MAX	malware (ai score=87)
VBA32	TrojanBanker.Shifu
Malwarebytes	Simda.Backdoor.Stealer.DDS
Panda	Trj/Genetic.gen
Zoner	Trojan.Win32.75090
ESET-NOD32	Win32/Spy.Shiz.NCR
TrendMicro-HouseCall	TROJ_GEN.R03BC0DBQ21
Tencent	Malware.Win32.Gencirc.10b0cf32
Yandex	Trojan.GenAsa!zlrAhKZjOyI
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Generic.AC.42C3E4
BitDefenderTheta	AI:Packer.6EB81FC01F
AVG	Win32:Shifu-B [Trj]
CrowdStrike	win/malicious_confidence_100% (W)
Qihoo-360	HEUR/QVM19.1.8E5B.Malware.Gen

How to remove Simda.Backdoor.Stealer.DDS?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Simda.Backdoor.Stealer.DDS removal