Trojan:Win32/Emotet.ADA!MTB removal instruction

The Trojan:Win32/Emotet.ADA!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Emotet.ADA!MTB virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
CAPE detected the Emotet malware family

How to determine Trojan:Win32/Emotet.ADA!MTB?


File Info:
name: A25ECE245CC886EB5B06.mlw
path: /opt/CAPEv2/storage/binaries/61e879dcfaff237e1f2105d2dae17e5af3c806e27720f71f76f1c17e9254afb9
crc32: A85AE5D3
md5: a25ece245cc886eb5b060f4b87191bcc
sha1: 8561e155e88c73337b2e3c267568208f9b1662b2
sha256: 61e879dcfaff237e1f2105d2dae17e5af3c806e27720f71f76f1c17e9254afb9
sha512: e7b363ad0f1249a9661dd7709ed1a61dd2cab9e625289b0f584ffc7496316c4d0001d3de06c0e5c11ba11873d52f6c7a5b36be0f5733d23a54a0df723ae417a1
ssdeep: 768:wW2RFr+IhCpbp1gwE73kRjpYEPys1nbSxYQL6bVVwU:wW2Rh6p6rk/YEPysdSd+bVVwU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11BE28D571BCA00F7EA5710F288ABF7284EB4F427443C85F31349A995E97C3D2724A359
sha3_384: ed75d58ce0ef789707e2aeec60f9b1fe8a5f32262a1f98387fee831387148e4286054a5163565ce348e53423d7596b06
ep_bytes: e8590600006a0068e9000000ba4b99e0
timestamp: 2020-08-27 15:52:48

Version Info:
0: [No Data]

Trojan:Win32/Emotet.ADA!MTB also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Emotet.L!c
FireEye	Generic.mg.a25ece245cc886eb
McAfee	GenericRXMB-ZH!A25ECE245CC8
Malwarebytes	Malware.AI.1942337497
Zillya	Trojan.Emotet.Win32.63425
Sangfor	Spyware.Win32.Emotet.V7e7
Alibaba	Trojan:Win32/Emotet.e95ad4c8
Cybereason	malicious.5e88c7
Cyren	W32/Emotet.AYP.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	Windows.Trojan.Emotet
ESET-NOD32	a variant of Win32/Emotet.CD
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Fugrafa.288733
NANO-Antivirus	Virus.Win32.Gen.ccmw
Emsisoft	Gen:Variant.Fugrafa.288733 (B)
VIPRE	Gen:Variant.Fugrafa.288733
TrendMicro	TROJ_GEN.R002C0DHS23
McAfee-GW-Edition	BehavesLike.Win32.ExploitDcomRpc.nh
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan-Banker.Emotet
GData	Gen:Variant.Fugrafa.288733
Antiy-AVL	Trojan/Win32.Emotet
Arcabit	Trojan.Fugrafa.D467DD
ViRobot	Trojan.Win32.Emotet.32256.B
Microsoft	Trojan:Win32/Emotet.ADA!MTB
Google	Detected
AhnLab-V3	Trojan/Win32.Emotet.C4184986
ALYac	Gen:Variant.Fugrafa.288733
MAX	malware (ai score=84)
TrendMicro-HouseCall	TROJ_GEN.R002C0DHS23
Rising	Trojan.Emotet!8.B95 (TFE:2:92Z6BKtmr7H)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.215695045.susgen
Fortinet	W32/Emotet.CD!tr
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Emotet.ADA!MTB?

Trojan:Win32/Emotet.ADA!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X