About “Backdoor.Quasar.Drop” infection

Backdoor.Quasar.Drop is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Quasar.Drop virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Backdoor.Quasar.Drop?

File Info:

name: A5E6C12AD3BE3AACA702.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-04-27 20:03:27

Version Info:

0: [No Data]

Backdoor.Quasar.Drop also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.65251454
FireEye: Generic.mg.a5e6c12ad3be3aac
ALYac: Trojan.GenericKD.65251454
Malwarebytes: Backdoor.Quasar.Drop
VIPRE: Trojan.GenericKD.65251454
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.38e110
Cyren: W32/Runner.L.gen!Eldorado
Elastic: malicious (high confidence)
APEX: Malicious
BitDefender: Trojan.GenericKD.65251454
Sophos: Generic Reputation PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Emsisoft: Trojan.GenericKD.65251454 (B)
Ikarus: Trojan.MSIL.Inject
GData: Trojan.GenericKD.65251454
Antiy-AVL: Trojan/Win32.SGeneric
Arcabit: Trojan.Generic.D3E3A87E
ViRobot: Trojan.Win.Z.Agent.1325518
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R434315
McAfee: Artemis!A5E6C12AD3BE
MAX: malware (ai score=82)
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R03BH09B123
MaxSecure: Trojan.Malware.198940374.susgen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Backdoor.Quasar.Drop?

Backdoor.Quasar.Drop removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.