Backdoor.Win32.Androm.txhw removal instruction

Backdoor.Win32.Androm.txhw is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Androm.txhw virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Expresses interest in specific running processes
  • Unconventional language used in binary resources: Hindi
  • The binary likely contains encrypted or compressed data.
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

Related domains:

onlynew.xyz

How to identify Backdoor.Win32.Androm.txhw?


File Info:

crc32: 45A749CA
md5: a59b6178979a69c35e1d97b7bba77fb2
name: ashampoo2Bdriver2Bupdater2B1-RTMD-ao9hel5ulqaavhwcaerffwasapygcxka.exe
sha1: 7884b6164ab16443d8a134591de824b686320eed
sha256: a45499c9643ccb1bc3cadfcdafbc75c4f415bcf05533cd234854e37a7a5e7875
sha512: 65fa155e13084e7aa123a8226679789f51dc151538a52f53ec6ab9a36a722aa94e39b8de2da2d5cb54f3768fb6e3a7f7b2ccf899b546ac0ac8134b50bae2db02
ssdeep: 49152:yVpsbTX/+vIU4acFN2y3llSP4NqzZXQcExs5wCvxZim73oUZrDcy4Wx+SIDrIil:yAkcn7SPUiIR2xUUJGWxevpSMr6oqub
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileVersionNew: 2.3.4
InternalServiceName: speedy.exe
Copyright: Copyright (C) 2020, softtail
ProgramVersion: 1.4.7

Backdoor.Win32.Androm.txhw also known as:

Bkav: W32.AIDetectVM.malware
MicroWorld-eScan: Trojan.GenericKD.33567430
FireEye: Generic.mg.a59b6178979a69c3
McAfee: Artemis!A59B6178979A
Malwarebytes: Trojan.Glupteba
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Malicious.4!c
CrowdStrike: win/malicious_confidence_90% (W)
BitDefender: Trojan.GenericKD.33567430
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
TrendMicro: TROJ_GEN.R011C0DCR20
BitDefenderTheta: Gen:NN.ZexaF.34104.WtW@aiw4y1bG
Cyren: W32/Trojan.FCAU-3442
TrendMicro-HouseCall: TROJ_GEN.R011C0DCR20
Avast: Win32:CoinminerX-gen [Trj]
GData: Trojan.GenericKD.33567430
Kaspersky: Backdoor.Win32.Androm.txhw
Alibaba: Backdoor:Win32/Glupteba.00456ad3
ViRobot: Trojan.Win32.Z.Agent.3947520
APEX: Malicious
Tencent: Win32.Backdoor.Androm.Lmul
Ad-Aware: Trojan.GenericKD.33567430
Sophos: Mal/RyPack-A
F-Secure: Trojan.TR/Crypt.XPACK.Gen3
DrWeb: Trojan.Siggen9.26189
McAfee-GW-Edition: BehavesLike.Win32.Generic.wc
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.GenericKD.33567430 (B)
SentinelOne: DFI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Avira: TR/Crypt.XPACK.Gen3
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Win32.Wacatac
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D20032C6
ZoneAlarm: Backdoor.Win32.Androm.txhw
Microsoft: PWS:Win32/Predator.KM!MTB
AhnLab-V3: Trojan/Win32.MalPe.R330043
Acronis: suspicious
ALYac: Trojan.GenericKD.33567430
Cylance: Unsafe
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Kryptik.HCGS
Rising: Backdoor.Androm!8.113 (CLOUD)
Yandex: Trojan.Kryptik!pZGJCdn1Jn0
Ikarus: Trojan.Win32.Ranumbot
Fortinet: W32/RyPack.A!tr
Webroot: W32.Malware.Gen
AVG: Win32:CoinminerX-gen [Trj]
Paloalto: generic.ml
Qihoo-360: Generic/Trojan.160

How to remove Backdoor.Win32.Androm.txhw?

Backdoor.Win32.Androm.txhw removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
