Backdoor

About “Backdoor.Wemosis” infection

Malware Removal

The Backdoor.Wemosis is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Backdoor.Wemosis virus can do?

  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

How to determine Backdoor.Wemosis?


File Info:

crc32: 77195D13
md5: 5f31998b63f96d90f0c2f3e0d5107dcf
name: 5F31998B63F96D90F0C2F3E0D5107DCF.mlw
sha1: 41c68a0e43e7471da803a45861e8b5a02a32e719
sha256: 33c8f37e17e60ca4e882155a6105f5a7ae052b019916df8d94713c294cf4ba25
sha512: a9aa0629af0895a3a5b774bacbdc10dfefbe37013c9d366e9e7b295733afdf46e645b0b93dc0e0340572bc018f62065d750bc0e7f67db4d639a75a4a426300b4
ssdeep: 12288:zAHn2JK+HemNsqI3etnBHYPpAkApyRV3jRfP4S5LH28U3mcQuKXgoggdntcBLPS:zAHnh+eWsN3skA4RV1Hom2KXcmtcZg
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

LegalCopyright: xa9 __email__
ProductName: PRODUCT_NAME
FileDescription: Volume@Price database updater
Comments: __datetime__
CompanyName: __url__
Translation: 0x0809 0x04b0

Backdoor.Wemosis also known as:

K7AntiVirusRiskware ( 0040eff71 )
LionicHacktool.Win32.Gamehack.3!e
Elasticmalicious (high confidence)
CrowdStrikewin/malicious_confidence_60% (W)
K7GWRiskware ( 0040eff71 )
CyrenW32/AutoIt.QG.gen!Eldorado
APEXMalicious
CynetMalicious (score: 100)
SophosML/PE-A
McAfee-GW-EditionBehavesLike.Win32.TrojanAitInject.ch
FireEyeGeneric.mg.5f31998b63f96d90
AviraHEUR/AGEN.1139477
MicrosoftTrojan:Win32/Wacatac.B!ml
AhnLab-V3Trojan/Win32.Fuerboos.C3228827
Acronissuspicious
McAfeeRDN/Generic.grp
VBA32Backdoor.Wemosis
TrendMicro-HouseCallTROJ_GEN.R002H0CJ321
FortinetPossibleThreat.PALLASNET.H
Paloaltogeneric.ml

How to remove Backdoor.Wemosis?

Backdoor.Wemosis removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment