Backdoor.Win32.Androm.pwcy malicious file

Backdoor.Win32.Androm.pwcy is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Androm.pwcy virus do?

  • The binary contains an unknown PE section name indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The Authenticode signature is invalid.

How to identify Backdoor.Win32.Androm.pwcy?


File Info:

name: 6382E9A601825DC7D32F.mlw
path: /opt/CAPEv2/storage/binaries/150983a0a5436237ddb8c91e7772cec868e9c4fbf0931671422a8351ab503e61
crc32: D24773EE
md5: 6382e9a601825dc7d32f766951e1fed7
sha1: 7ea9ab8a207b234d1cfecf156c38d19d299e8bb1
sha256: 150983a0a5436237ddb8c91e7772cec868e9c4fbf0931671422a8351ab503e61
sha512: 02e6a09bf407fa0bcce12572aaced00c183fce3c71b71aef13a87c03cb9c10e972adc3032c0efd967672d80529400dfa5ecdcbd5009fd33a8d89132b9ec0cb06
ssdeep: 6144:sowNS1MRWpAe/h1rSPYFVqQ2d+F0DxlxXYNmycofcMIlP0W:dP1Mc+YXrOgYpY1VcMIlcW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T191741213AA18C9BDD44989768C43CEA16561FC378536988F35E07B5F3DB6AD0E30F90A
sha3_384: 8f425301f25be5865d6c6424a3845d55b3387aeb9883aea80f2463eaeca77d66f31d3c4b0f61292ae83e6b4ec2531cde
ep_bytes: 6801f04200e801000000c3c321106341
timestamp: 2022-01-03 18:28:55

Version Info:

CompanyName: Modeling Laboratory
FileDescription: Stratum core launcher
FileVersion: 3.3
Build: 9028
InternalName: sc2000
LegalCopyright: Copyright © Modeling Laboratory 1996-2012
OriginalFilename: sc20000.exe
Translation: 0x0409 0x04e4

Backdoor.Win32.Androm.pwcy also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.m78E
Malwarebytes: Malware.Heuristic.1003
Sangfor: Trojan.Win32.Malware.gen
Alibaba: Backdoor:Win32/Androm.221afec8
BitDefenderTheta: Gen:NN.ZexaF.36250.vO0aa8z23Bc
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: Backdoor.Win32.Androm.pwcy
Avast: Win32:Malware-gen
Tencent: Win32.Backdoor.Androm.Ljgl
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1349547
Zillya: Backdoor.Androm.Win32.60691
McAfee-GW-Edition: BehavesLike.Win32.Trojan.fc
Trapmine: malicious.moderate.ml.score
SentinelOne: Static AI – Suspicious PE
Google: Detected
Avira: HEUR/AGEN.1349547
Antiy-AVL: Trojan[Backdoor]/Win32.Androm
Xcitium: Malware@#28eqg72d43irz
ZoneAlarm: Backdoor.Win32.Androm.pwcy
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Malware/Win32.Generic.C3019486
McAfee: Artemis!6382E9A60182
VBA32: Backdoor.Androm
Cylance: unsafe
Panda: Trj/CI.A
Rising: Backdoor.Androm!8.113 (TFE:5:OaKCqr8VpHO)
Yandex: Trojan.GenAsa!VfY3RF32RKQ
Ikarus: Backdoor.Androm
MaxSecure: Trojan.Malware.74107913.susgen
Fortinet: W32/Androm.PWCY!tr.bdr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Backdoor.Win32.Androm.pwcy?

Backdoor.Win32.Androm.pwcy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.