Categories: Backdoor

About the “Backdoor.Bot.158044” infection

Backdoor.Bot.158044 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Backdoor.Bot.158044 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Backdoor.Bot.158044?

File Info:

name: 1CA06B2DD6BAED20461D.mlw
path: /opt/CAPEv2/storage/binaries/baca434e9d5f89ea955a29c5e3abb7b5f6352b1e0ade87b85204c6e04758c6f9
crc32: A198E1E0
md5: 1ca06b2dd6baed20461d79c318b78284
sha1: fd181ad00db8bd3304d50817ddbdbb33036d3ede
sha256: baca434e9d5f89ea955a29c5e3abb7b5f6352b1e0ade87b85204c6e04758c6f9
sha512: 8e303ac3cee5bc93ce7ed8f994cec2693731465c71afbe3d85b0e97a8d0a92e23081227d9f881d2aa5e3d54c4a527d2e6776588cf9710679b2745a123ff600ce
ssdeep: 1536:wnCKSGkmYfvrsvyQKR400lUK0p/gCkpy+vvJrAG4xjpr:wnCc6fgvyR4OSpy+JrAG4xj5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17763028359A7B6C6C144E274127F5C158B58BD294079071F23E0FF68EF30B97261BAB2
sha3_384: 2f8d2c5e11153097a96715cdc5608d4c4be82dd84234c8271c6bef858cfd2af24d9357f787c74933d34bc969533b9b44
ep_bytes: 60be00f044008dbe0020fbff5783cdff
timestamp: 2004-02-06 13:39:57

Version Info:

0: [No Data]

Backdoor.Bot.158044 also known as:

Elastic malicious (moderate confidence)
DrWeb Trojan.Fakealert.33004
MicroWorld-eScan Backdoor.Bot.158044
CAT-QuickHeal Trojan.Generic.11450
McAfee GenericRXAA-AA!1CA06B2DD6BA
Sangfor Backdoor.Win32.Bot.158044
K7AntiVirus Unwanted-Program ( 004eeb301 )
BitDefender Backdoor.Bot.158044
K7GW Unwanted-Program ( 004eeb301 )
Cybereason malicious.dd6bae
Cyren W32/S-e22b09c9!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/HackTool.Patcher.CZ potentially unsafe
Kaspersky UDS:DangerousObject.Multi.Generic
NANO-Antivirus Trojan.Win32.MBro.vyvou
Rising Trojan.Win32.Generic.151CABFB (C64:YzY0OmxBvms3Vvyb)
Ad-Aware Backdoor.Bot.158044
Emsisoft Backdoor.Bot.158044 (B)
Comodo Malware@#g6okmzxucpr
McAfee-GW-Edition GenericRXFC-TT!EC60B7E63554
FireEye Generic.mg.1ca06b2dd6baed20
Sophos Generic PUA PN (PUA)
Ikarus Trojan-Ransom.Mbro
GData Backdoor.Bot.158044
Jiangmin Trojan/MBro.hw
Webroot W32.Trojan.Gen
Kingsoft Win32.Troj.Undef.(kcloud)
Arcabit Backdoor.Bot.D2695C
ViRobot Trojan.Win32.A.MBro.43008[UPX]
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Malicious (score: 100)
ALYac Backdoor.Bot.158044
MAX malware (ai score=82)
Panda Trj/CI.A
APEX Malicious
Tencent Win32.Trojan.Mbro.Ebhg
Yandex Trojan.GenAsa!4RNfb2TnWHA
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/MBro.OZG!tr
AVG FileRepMalware [Trj]
Avast FileRepMalware [Trj]
CrowdStrike win/malicious_confidence_60% (W)

How to remove Backdoor.Bot.158044?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
