About “Backdoor.Win32.Hupigon.hsp” infection

The Backdoor.Win32.Hupigon.hsp is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor.Win32.Hupigon.hsp virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Backdoor.Win32.Hupigon.hsp?


File Info:
name: 0594D40E56E898CC1D0E.mlw
path: /opt/CAPEv2/storage/binaries/17567566d13287303ca372d2477254a359e88bdf778b973cd1d4b95ff0004860
crc32: E675C455
md5: 0594d40e56e898cc1d0e04f7f1e7e17b
sha1: 62a0447dc5894928adc5e723c7cee5cd57f830ac
sha256: 17567566d13287303ca372d2477254a359e88bdf778b973cd1d4b95ff0004860
sha512: eb17e29f09e1729493c9e34036a7f18cf06283edf38b81c82f5c1302441f08272ad4b0591cdcb3083afc6ee96ac3a1ee524322de2354d6989e194690372ae2c1
ssdeep: 6144:5gHeinWRyOzHibkkUU4bk/n/qopSjwYRoa0d3W5AG9Ek016:dRycYktU4g/n/t0EW5AoEkO6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18E244C37F1916433D2773578DC0B9669A829BA212E2C284A6FFD1D1C8B7D7823D281D7
sha3_384: 54745db01bc65f258b87ed187cd8d5be74b9bf592601f7f688c53e028cde35b3ea15b4c5389e8dcc94043a12febe7cf4
ep_bytes: 
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

Backdoor.Win32.Hupigon.hsp also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Hupigon.lcOX
MicroWorld-eScan	Trojan.GenericKD.40912077
FireEye	Generic.mg.0594d40e56e898cc
Skyhigh	BehavesLike.Win32.Picsys.dh
ALYac	Trojan.GenericKD.40912077
VIPRE	Trojan.GenericKD.40912077
Sangfor	Backdoor.Win32.Hupigon.buxin
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	Backdoor:Win32/Hupigon.436457fd
VirIT	Backdoor.Win32.Small.P
Symantec	Trojan.Gen.2
Elastic	malicious (high confidence)
APEX	Malicious
Kaspersky	Backdoor.Win32.Hupigon.hsp
BitDefender	Trojan.GenericKD.40912077
NANO-Antivirus	Trojan.Win32.Hupigon.ejvyvm
Avast	Win32:GenMalicious-BND [Trj]
TACHYON	Backdoor/W32.Hupigon.229080
Sophos	Generic ML PUA (PUA)
DrWeb	BackDoor.Pigeon1.5760
Zillya	Backdoor.Hupigon.Win32.129136
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.GenericKD.40912077 (B)
Ikarus	Backdoor.Win32.Hupigon
Jiangmin	Backdoor/Agent.bdis
Webroot	W32.Backdoor.Hupigon.Hsp
Google	Detected
Antiy-AVL	Trojan/Win32.Hupigon.pv
Xcitium	Virus.Win32.Downloader.BA@1cfxaq
Arcabit	Trojan.Generic.D27044CD
ZoneAlarm	Backdoor.Win32.Hupigon.hsp
GData	Trojan.GenericKD.40912077
MAX	malware (ai score=99)
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/CI.A
Rising	Backdoor.Win32.Gpigeon.hsp (CLASSIC)
Yandex	Backdoor.Hupigon!F92ygvgyba4
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.22319.susgen
Fortinet	W32/Hupigon.YQ!tr.bdr
AVG	Win32:GenMalicious-BND [Trj]
DeepInstinct	MALICIOUS

How to remove Backdoor.Win32.Hupigon.hsp?

Backdoor.Win32.Hupigon.hsp removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X