Backdoor.Win32.Androm.qann information

Backdoor.Win32.Androm.qann is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Androm.qann virus do?

  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Backdoor.Win32.Androm.qann?


File Info:

crc32: 7810C7C2
md5: 7b3ad4c969b1fc022f3c3b51debe4501
name: 7B3AD4C969B1FC022F3C3B51DEBE4501.mlw
sha1: 4959424cf220b8cb2e911d938fed2165df884afb
sha256: bb2cd1dfe120ff2248e007402782cd68f4555a0d7b028e6e493d0af1f633e87c
sha512: fc3097029256b91241f134b5d05ae7501d7d7c85ae21d118acd1dcf310b28588e513d1a4651eb28e8b2e4a415b2108479b3a1f5bcb32d65addb01fa566e908ba
ssdeep: 1536:MnH+yQsTH3Cb/axxkOHLTrXuYAqC93e+k8T4ccfaR1LdQo0FkSQBE5qsEhmBH9y:0HpQKXcaB7dAT3xbzpQo0FkjByuDc
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright Telegram Helper © 2018
Assembly Version: 3.14.3157.8
InternalName: NoFile.exe
FileVersion: 3.14.3157.8
CompanyName: Telegram Helper
LegalTrademarks:
Comments: Telegram Helper
ProductName: Telegram Helper
ProductVersion: 3.14.3157.8
FileDescription: Telegram Helper
OriginalFilename: NoFile.exe

Backdoor.Win32.Androm.qann is also known as:

K7AntiVirus: Password-Stealer ( 00524ced1 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: BackDoor.Bifrost.29284
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.30983366
Sangfor: Trojan.Win32.ClipBanker.mt
K7GW: Password-Stealer ( 00524ced1 )
Cybereason: malicious.969b1f
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/PSW.CoinStealer.BO
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Malware.Agen-9805068-0
Kaspersky: Backdoor.Win32.Androm.qann
BitDefender: Trojan.GenericKD.30983366
NANO-Antivirus: Trojan.Win32.Bifrost.feeuil
MicroWorld-eScan: Trojan.GenericKD.30983366
Tencent: Win32.Backdoor.Androm.Ahyo
Ad-Aware: Trojan.GenericKD.30983366
Sophos: Mal/Generic-S
Comodo: Malware@#1gx6gty749h8w
BitDefenderTheta: Gen:NN.ZexaF.34796.gmKfaiq2DJn
McAfee-GW-Edition: BehavesLike.Win32.Picsys.nc
FireEye: Generic.mg.7b3ad4c969b1fc02
Emsisoft: Trojan.GenericKD.30983366 (B)
SentinelOne: Static AI – Suspicious PE
Avira: HEUR/AGEN.1120557
Antiy-AVL: Trojan/Generic.ASMalwS.26A5FAF
Microsoft: Trojan:Win32/Tiggre!rfn
Arcabit: Trojan.Generic.D1D8C4C6
GData: Trojan.GenericKD.30983366
AhnLab-V3: Malware/Win32.Generic.C2602842
McAfee: Artemis!7B3AD4C969B1
MAX: malware (ai score=95)
Panda: Trj/Genetic.gen
Yandex: Trojan.GenAsa!01PxH8gkxsQ
Ikarus: Trojan.MSIL.Crypt
Fortinet: MSIL/CoinStealer.BO!tr.pws
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Backdoor.Win32.Androm.qann?

Backdoor.Win32.Androm.qann removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.
