Backdoor.Win32.Emotet.aush information

Backdoor.Win32.Emotet.aush is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What Backdoor.Win32.Emotet.aush virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Mimics the system’s user agent string for its own requests
  • Expresses interest in specific running processes
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Attempts to modify proxy settings

How to determine Backdoor.Win32.Emotet.aush?

File Info:

crc32: A9040AA5
md5: 867712f855a80199e47f735068ffde2a
name: upload_file
sha1: 4fdc41c52b34c9df0e698ca96f26ad3b0014f605
sha256: 3d47c53ce06425cc807173fbb6ca992571f4b90f7d6910df28bc361fa6c7b950
sha512: 672d14f4f52dcc3c5b58a0e0997a0e3ad3a8f9afe3f5eae2e2ae48ca0a7c828db7620a51ff0596320cc7693b2cb0af666c1813ce313fc17106145c43ec56390f
ssdeep: 12288:sX21LCAEra89Ya9Fxdu56zMkqSB6izxjxE6pE:sG5CAnKYa946Hqi6iFj26q
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2000
InternalName: MsAgentHelp
FileVersion: 1, 0, 0, 1
CompanyName:
LegalTrademarks:
ProductName: MsAgentHelp Application
ProductVersion: 1, 0, 0, 1
FileDescription: MsAgentHelp MFC Application
OriginalFilename: MsAgentHelp.EXE
Translation: 0x0409 0x04b0

Backdoor.Win32.Emotet.aush also known as:

  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Trojan.GenericKD.43569699
  • FireEye: Generic.mg.867712f855a80199
  • McAfee: GenericRXAA-AA!867712F855A8
  • Malwarebytes: Trojan.MalPack.TRE
  • BitDefender: Trojan.GenericKD.43569699
  • K7GW: Trojan ( 0056ba561 )
  • Invincea: heuristic
  • BitDefenderTheta: Gen:NN.ZexaF.34144.Eq0@aKtSIsji
  • Symantec: ML.Attribute.HighConfidence
  • APEX: Malicious
  • Kaspersky: Backdoor.Win32.Emotet.aush
  • Ad-Aware: Trojan.GenericKD.43569699
  • F-Secure: Heuristic.HEUR/AGEN.1135308
  • DrWeb: Trojan.DownLoader34.10090
  • Fortinet: W32/GenKryptik.EPAZ!tr
  • Emsisoft: Trojan.Emotet (A)
  • Ikarus: Trojan-Banker.Emotet
  • Avira: HEUR/AGEN.1135308
  • MAX: malware (ai score=86)
  • Arcabit: Trojan.Generic.D298D223
  • ZoneAlarm: Backdoor.Win32.Emotet.aush
  • Microsoft: Trojan:Win32/Emotet.ARJ!MTB
  • Cynet: Malicious (score: 85)
  • AhnLab-V3: Malware/Win32.Generic.C4172955
  • VBA32: BScope.Trojan.Emotet
  • ALYac: Trojan.Emotet.AJD
  • ESET-NOD32: a variant of Win32/GenKryptik.EPKC
  • Rising: Trojan.Kryptik!1.C71F (CLASSIC)
  • GData: Trojan.GenericKD.43569699

How to remove Backdoor.Win32.Emotet.aush?

Backdoor.Win32.Emotet.aush removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
