Backdoor

What is “Backdoor.Win32.Lotok.hwp”?

Malware Removal

The Backdoor.Win32.Lotok.hwp is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Backdoor.Win32.Lotok.hwp virus can do?

  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine Backdoor.Win32.Lotok.hwp?



File Info:

name: 28392602270FC69E5B66.mlw
path: /opt/CAPEv2/storage/binaries/316309b10a3daca2c30bc5e18e2c54ac1eecf50331a46c988c00be79cd9e56ec
crc32: 3556BC54
md5: 28392602270fc69e5b6682f6c263d19f
sha1: df358b2ebd0492ef837883ed49bc090e4e91894a
sha256: 316309b10a3daca2c30bc5e18e2c54ac1eecf50331a46c988c00be79cd9e56ec
sha512: 8879a1936d86e77010f7d4a3958fcc87e94a9cdc26637fa77bc27d6fc68da40912d5daab724c22982263b7ef6543f4269571c2142601e4f1a106ee9cfb3ef62d
ssdeep: 6144:z7jFUuZXHOUKMs2DhbUzwF/p/uwONct43j92UuK:Tb5uUKMs2DhbX9pGHNu4B2U
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T149249D027D0CCA98E8899A74888166550C28FD6ABF9047DFB751BE4DE9357E3BC31C2D
sha3_384: 08df04f57931f4207ec6fe306a5b33f660a18f5bb88755cb3e6b6c8df4d5ead3ea8743acdfb0511c28c08018c6cc42bd
ep_bytes: e80c060000e9000000006a1468789340
timestamp: 2022-07-11 10:35:15


Version Info:

CompanyName: TODO: 
FileDescription: MFCApplication8
FileVersion: 1.0.0.1
InternalName: MFCApplication8.exe
LegalCopyright: TODO: (C) 。保留所有权利。
OriginalFilename: MFCApplication8.exe
ProductName: TODO: 
ProductVersion: 1.0.0.1
Translation: 0x0804 0x04b0

Backdoor.Win32.Lotok.hwp also known as:

LionicTrojan.Win32.Lotok.m!c
MicroWorld-eScanTrojan.GenericKD.39989155
ALYacTrojan.GenericKD.39989155
CylanceUnsafe
VIPRETrojan.GenericKD.39989155
SangforBackdoor.Win32.Lotok.Vuyd
K7AntiVirusTrojan ( 005757a41 )
AlibabaBackdoor:Win32/Lotok.11a7d53d
K7GWTrojan ( 005757a41 )
CyrenW32/ABRisk.KVHE-9233
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of Win32/Kryptik.GXYG
APEXMalicious
Paloaltogeneric.ml
ClamAVWin.Dropper.Rincux-9950258-0
KasperskyBackdoor.Win32.Lotok.hwp
BitDefenderTrojan.GenericKD.39989155
AvastWin32:Trojan-gen
TencentWin32.Backdoor.Lotok.Hqbx
Ad-AwareTrojan.GenericKD.39989155
SophosMal/Generic-S
DrWebTrojan.Siggen18.24219
ZillyaTrojan.Kryptik.Win32.3825736
TrendMicroTROJ_GEN.R002C0PGE22
McAfee-GW-EditionRDN/Generic.dx
FireEyeTrojan.GenericKD.39989155
EmsisoftTrojan.GenericKD.39989155 (B)
GDataTrojan.GenericKD.39989155
JiangminBackdoor.Lotok.azu
WebrootW32.Trojan.Gen
AviraTR/AD.Farfli.ngeoq
MAXmalware (ai score=83)
Antiy-AVLTrojan/Generic.ASMalwS.6FA2
ArcabitTrojan.Generic.D2622FA3
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 99)
AhnLab-V3Trojan/Win.Generic.C5205429
McAfeeRDN/Generic.dx
VBA32Backdoor.Lotok
MalwarebytesMalware.AI.2017488161
TrendMicro-HouseCallTROJ_GEN.R002C0PGE22
RisingBackdoor.Lotok!8.111D5 (CLOUD)
IkarusTrojan.Win32.Crypt
MaxSecureTrojan.Malware.185654088.susgen
FortinetW32/Kryptik.GXYG!tr
BitDefenderThetaGen:NN.ZexaF.34582.nu0@amQksnfj
AVGWin32:Trojan-gen
PandaTrj/Chgt.AB
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Backdoor.Win32.Lotok.hwp?

Backdoor.Win32.Lotok.hwp removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment