Categories: Backdoor

Backdoor.Win32.Androm.tpxe information

The Backdoor.Win32.Androm.tpxe is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor.Win32.Androm.tpxe virus can do?

Executable code extraction
Creates RWX memory
Reads data out of its own binary image
Drops a binary and executes it
Queries information on disks, possibly for anti-virtualization
Tries to unhook or modify Windows functions monitored by Cuckoo
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
Installs itself for autorun at Windows startup
Attempts to create or modify a Browser Helper Object
Attempts to modify proxy settings

Related domains:

st.p.360.cn

How to determine Backdoor.Win32.Androm.tpxe?


File Info:
crc32: 137BF8BFmd5: b961a4d66ec3657d631152edf5793bc0name: main_setup.exesha1: 31129ee3e632889b9d37a4a9450e880cdb7d50b0sha256: cdbb6f94167d18ec7d6bc2a726affa1a10c8258729447966dbe05707da27c2e4sha512: 376c7cf79e54c4f9ab279445a1c133f7d5c2e9fcddbca647de0534fc1e23dc4f0fa15f0b49830b20e73a341f6ff89c733795d27718d35cf64291428989b9c191ssdeep: 49152:k27DKmn9XxyHuwBfVbvI2Gcx80v1rtoWNkKIZ5EFh5mjnGsggK8Ny5:p7rn9XxT2fJBG+80v1h5NkKIZ56XmjnOtype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright:                                                                                                     FileVersion: 2.6.7.6             CompanyName: Vagaa FUN Team                                              Comments: This installation was built with Inno Setup.ProductName: Vagaax54c7x560e                                                     ProductVersion: 2.6.7.6             FileDescription: P2P World                                                   Translation: 0x0000 0x04b0

Backdoor.Win32.Androm.tpxe also known as:

CAT-QuickHeal	Backdoor.Androm
McAfee	Artemis!B961A4D66EC3
Cylance	Unsafe
AegisLab	Trojan.Win32.Androm.m!c
Kaspersky	Backdoor.Win32.Androm.tpxe
Alibaba	Backdoor:Win32/Androm.81d0960e
Zillya	Backdoor.Androm.Win32.71669
McAfee-GW-Edition	BehavesLike.Win32.AdwareFileTour.vc
Sophos	Address Tool Bar (PUA)
ZoneAlarm	Backdoor.Win32.Androm.tpxe
VBA32	Rootkit.Agent
eGambit	Unsafe.AI_Score_51%