Backdoor

Should I remove “Backdoor.Win32.NetWiredRC.lrt”?

Malware Removal

The Backdoor.Win32.NetWiredRC.lrt is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Backdoor.Win32.NetWiredRC.lrt virus can do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself

Related domains:

z.whorecord.xyz
a.tomx.xyz
dns16-microsoft-health.com

How to determine Backdoor.Win32.NetWiredRC.lrt?



File Info:

crc32: C3704560
md5: 7ce0b9ede7956ce43eed5605c01be944
name: 7CE0B9EDE7956CE43EED5605C01BE944.mlw
sha1: d66b1f3c31372a2abf4eed0ff163b9d1b1228aa7
sha256: 235bcc9dd72de0c5ee65fce42857fe4e341915bb53a731efbf5e986f9cdd4434
sha512: 702cb407d50f59467b8d9f2cb532a3ab678c752226c3cff06a7ff9275547f9abf1d6bbf4e882682f27e18dbb686245ac38ce6eed141bb39ca38b0ad5b4289d32
ssdeep: 6144:8gDjEcHIBTYYkxm2WNVN4YkOHaoe338IE:8HIfBroVN2meXE
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

Translation: 0x0407 0x04b0
ProductVersion: 1.00
InternalName: wdewscseawefe
FileVersion: 1.00
OriginalFilename: wdewscseawefe.exe
ProductName: Uemarenokumsfsfa

Backdoor.Win32.NetWiredRC.lrt also known as:

BkavW32.AIDetect.malware2
Elasticmalicious (high confidence)
CylanceUnsafe
CrowdStrikewin/malicious_confidence_90% (W)
Cybereasonmalicious.c31372
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Injector.EPVL
APEXMalicious
AvastWin32:InjectorX-gen [Trj]
CynetMalicious (score: 100)
KasperskyBackdoor.Win32.NetWiredRC.lrt
FireEyeGeneric.mg.7ce0b9ede7956ce4
SentinelOneStatic AI – Suspicious PE
eGambitPE.Heur.InvalidSig
ZoneAlarmBackdoor.Win32.NetWiredRC.lrt
MalwarebytesTrojan.Injector
RisingTrojan.Injector!1.C6AF (CLASSIC)
MaxSecureTrojan.Malware.300983.susgen
AVGWin32:InjectorX-gen [Trj]
Qihoo-360HEUR/QVM20.1.0ADB.Malware.Gen

How to remove Backdoor.Win32.NetWiredRC.lrt?

Backdoor.Win32.NetWiredRC.lrt removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment