Should I remove “Backdoor.Win32.Androm.ieuy”?

Backdoor.Win32.Androm.ieuy is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Androm.ieuy virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Czech
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded win api malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Backdoor.Win32.Androm.ieuy?

File Info:

name: AC23E2C9E7204FCF4019.mlw
path: /opt/CAPEv2/storage/binaries/501b3977e944b0cbe3573864234d3ec04498384453e664505b433f2c3c9b2085
crc32: 875E0662
md5: ac23e2c9e7204fcf40194733a8668240
sha1: 3767d1a0ef6ec596c2ea3e90cff564005b8dea87
sha256: 501b3977e944b0cbe3573864234d3ec04498384453e664505b433f2c3c9b2085
sha512: f390945972d2f2c3b660bbd69a566657d87c897fce713601ae875ab82624873d1e1d66a55d4927fcb9fb50f5e8174291b42cd5b94e0ae510ccc064e34cc2f4b0
ssdeep: 12288:vOV8dXRhotsEoCaaW41c52XSbKO3g/6Ba:vlXRhPEoCaf4SUXh/6E
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T127D47CD2F1C486C4F92DED3D815DBF2D025B3ABAA4A1450F669AF9E119D21530C3EC8B
sha3_384: 8c57c7cb4be1c6696e480aac051fb0c965f937b6df76c53624a44c76e22fb0fb4f167bc0947202e6b447807018d64a15
ep_bytes: 558bec6aff68e8054100688cfb400064
timestamp: 2007-01-24 23:50:26

Version Info:

0: [No Data]

Backdoor.Win32.Androm.ieuy also known as:

Lionic: Trojan.Win32.Androm.m!c
MicroWorld-eScan: Trojan.Cripack.Gen.1
FireEye: Generic.mg.ac23e2c9e7204fcf
CAT-QuickHeal: Ransom.TeslaCrypt.WR4
Skyhigh: Trojan-FHBV!AC23E2C9E720
McAfee: Trojan-FHBV!AC23E2C9E720
Malwarebytes: Generic.Malware/Suspicious
VIPRE: Trojan.Cripack.Gen.1
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 0055e3ef1 )
Alibaba: Backdoor:Win32/Androm.eded1733
K7GW: Trojan ( 0055e3ef1 )
Arcabit: Trojan.Cripack.Gen.1
BitDefenderTheta: Gen:NN.ZexaF.36744.Nq3@auiG7tkO
VirIT: Trojan.Win32.CryptLocker.CX
Symantec: Packed.Generic.497
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Filecoder.TorrentLocker.A
Kaspersky: Backdoor.Win32.Androm.ieuy
BitDefender: Trojan.Cripack.Gen.1
NANO-Antivirus: Trojan.Win32.Androm.dwuiej
Avast: Win32:Malware-gen
Tencent: Win32.Backdoor.Androm.Qwhl
Emsisoft: Trojan.Cripack.Gen.1 (B)
F-Secure: Trojan:W32/TeslaCrypt.A
DrWeb: Trojan.DownLoader16.23563
Zillya: Backdoor.Androm.Win32.26972
TrendMicro: TROJ_CRILOCK.XXQX
Sophos: Mal/Tinba-P
Ikarus: Trojan.Win32.Filecoder
Jiangmin: Backdoor/Androm.mlw
Webroot: Trojan.Dropper.Gen
Google: Detected
Avira: HEUR/AGEN.1348929
Antiy-AVL: Trojan[Ransom]/Win32.Torrentlocker
Xcitium: Malware@#cn1mlbrw9trm
Microsoft: Ransom:Win32/Teerac
ZoneAlarm: Backdoor.Win32.Androm.ieuy
GData: Trojan.Cripack.Gen.1
Cynet: Malicious (score: 100)
VBA32: Backdoor.Androm
MAX: malware (ai score=99)
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_CRILOCK.XXQX
Rising: Malware.FakePDF/ICON!1.9E05 (CLASSIC)
Yandex: Backdoor.Androm!jU0vvicdVro
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Filecoder.DI!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor.Win32.Androm.ieuy?

Backdoor.Win32.Androm.ieuy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.