Categories: Backdoor

Backdoor.Win32.Emotet.buup removal

The Backdoor.Win32.Emotet.buup is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor.Win32.Emotet.buup virus can do?

Executable code extraction
Creates RWX memory
Mimics the system’s user agent string for its own requests
Expresses interest in specific running processes
The binary likely contains encrypted or compressed data.
Attempts to repeatedly call a single API many times in order to delay analysis time

How to determine Backdoor.Win32.Emotet.buup?


File Info:
crc32: A204BF32md5: 9836948d3c247e2f966e906fec75bc4dname: upload_filesha1: 1a84b6257555cc83e518c71e4101c434c4bdcde5sha256: bb10fd39e36d3676f09d93691d92028de0a5a8fe7324f5e7a933bc0082e770f7sha512: 2fb72e6ebc27ae8e6111aa62aeae2876950781b4e9de176fdb6f64d2666871eb5ec0ef25ee5f15894588d2ba4377d4d9c19d6357d72c98f7ed3107a59d71c65dssdeep: 6144:sBW3qfvKcJA6paL++acj5205qvVVwd5+wETSUR:sU3qfzu6pKQcUDRwKtype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Copyright (C) 2003InternalName: UseShGetFileInfoDemoFileVersion: 1, 0, 0, 1CompanyName: LegalTrademarks: ProductName: UseShGetFileInfoDemo ApplicationProductVersion: 1, 0, 0, 1FileDescription: UseShGetFileInfoDemo MFC ApplicationOriginalFilename: UseShGetFileInfoDemo.EXETranslation: 0x0409 0x04b0

Backdoor.Win32.Emotet.buup also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.69400
FireEye	Generic.mg.9836948d3c247e2f
McAfee	Emotet-FQS!9836948D3C24
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Generic.4!c
K7AntiVirus	Trojan ( 005605291 )
BitDefender	Trojan.GenericKDZ.69400
K7GW	Trojan ( 005605291 )
CrowdStrike	win/malicious_confidence_60% (W)
F-Prot	W32/Emotet.APL.gen!Eldorado
Symantec	Trojan.Emotet
APEX	Malicious
Kaspersky	Backdoor.Win32.Emotet.buup
Alibaba	Trojan:Win32/Emotet.001e5e16
ViRobot	Trojan.Win32.Emotet.307200.C
Ad-Aware	Trojan.GenericKDZ.69400
Emsisoft	Trojan.Emotet (A)
DrWeb	Trojan.Emotet.999
Fortinet	W32/Emotet.999!tr
Sophos	Mal/Generic-S
Cyren	W32/Emotet.APL.gen!Eldorado
MaxSecure	Trojan.Malware.121218.susgen
MAX	malware (ai score=81)
Arcabit	Trojan.Generic.D10F18
ZoneAlarm	Backdoor.Win32.Emotet.buup
Microsoft	Trojan:Win32/Emotet.ARJ!MTB
BitDefenderTheta	Gen:NN.ZexaF.34152.sq0@aC5n0nci
Malwarebytes	Trojan.MalPack.TRE
ESET-NOD32	a variant of Win32/Kryptik.HFMJ
Tencent	Win32.Backdoor.Emotet.Hssc
Ikarus	Trojan-Banker.Emotet
GData	Trojan.GenericKDZ.69400
AVG	FileRepMalware
Paloalto	generic.ml