What is “Backdoor.Win32.NetWiredRC.krc”?

The Backdoor.Win32.NetWiredRC.krc is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor.Win32.NetWiredRC.krc virus can do?

Executable code extraction
Creates RWX memory
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Backdoor.Win32.NetWiredRC.krc?


File Info:
crc32: D5F359AD
md5: efe01ee6ec8fe3b46e8bb556afcfc8e9
name: nw1.exe
sha1: 5ce705e0a2d6f8c0b2f79284e272add31219397a
sha256: d048695c28ec486a912076d0a14fe8fe8e6d50e2defc5867e5ac789a4cd5385b
sha512: 3a6104e40a8f0a9f1eadce507074fbaf9bbfe22413674ef99596dc5888f9f1cd6bc4997f9004862134ed8dc6fc8e70d7f8bf963532b95cda804299a9fd4dd2fd
ssdeep: 1536:cXnwDOcUHxR8e8hh4oQ0o1bcaeMFWTkMahP:4Zc4xR8xhhg0m71
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
InternalName: Okkupa5
FileVersion: 1.00
CompanyName: WOnderware
Comments: WOnderware
ProductName: Paramete2
ProductVersion: 1.00
FileDescription: Ogsmor
OriginalFilename: Okkupa5.exe

Backdoor.Win32.NetWiredRC.krc also known as:

MicroWorld-eScan	Trojan.GenericKD.42904517
McAfee	Artemis!EFE01EE6EC8F
Malwarebytes	Trojan.GuLoader
AegisLab	Trojan.Multi.Generic.4!c
K7AntiVirus	Trojan ( 005638fa1 )
BitDefender	Trojan.GenericKD.42904517
K7GW	Trojan ( 005638fa1 )
Cyren	W32/Kryptik.BIF.gen!Eldorado
ESET-NOD32	a variant of Win32/Injector.ELGX
APEX	Malicious
Kaspersky	Backdoor.Win32.NetWiredRC.krc
Ad-Aware	Trojan.GenericKD.42904517
Emsisoft	Trojan.GenericKD.42904517 (B)
F-Secure	Trojan.TR/AD.VBCryptor.amqeb
DrWeb	Trojan.PackedENT.136
McAfee-GW-Edition	BehavesLike.Win32.Trojan.ct
Fortinet	W32/ELGX!tr
Trapmine	suspicious.low.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.Injector
F-Prot	W32/Kryptik.BIF.gen!Eldorado
Avira	TR/AD.VBCryptor.amqeb
MAX	malware (ai score=87)
Antiy-AVL	Trojan/Win32.Casur
ZoneAlarm	Backdoor.Win32.NetWiredRC.krc
Microsoft	Trojan:Win32/Wacatac.C!ml
Cylance	Unsafe
Panda	Trj/Genetic.gen
eGambit	Unsafe.AI_Score_99%
GData	Win32.Trojan-Downloader.Dagurleo.2EFRVU
BitDefenderTheta	Gen:NN.ZevbaF.34104.gm0@ay3MpUfi
AVG	FileRepMalware
Avast	FileRepMalware
CrowdStrike	win/malicious_confidence_80% (W)
Qihoo-360	Trojan.Generic

How to remove Backdoor.Win32.NetWiredRC.krc?

Backdoor.Win32.NetWiredRC.krc removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X