Backdoor:MSIL/Androm.KAAD!MTB removal tips

Backdoor:MSIL/Androm.KAAD!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:MSIL/Androm.KAAD!MTB virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Backdoor:MSIL/Androm.KAAD!MTB?

File Info:

name: 850B0B90DEE6A3ECCAF7.mlw
path: /opt/CAPEv2/storage/binaries/c8ad050630ea954712c67d5c27e8f75542d78e7d43c81554c0a652da9218a880
crc32: 32CDD236
md5: 850b0b90dee6a3eccaf734b887b5dd58
sha1: 543c7cc7ac28f8ac6ddbe08bf4cbd0163660dc14
sha256: c8ad050630ea954712c67d5c27e8f75542d78e7d43c81554c0a652da9218a880
sha512: 76d089d02b37b3d706d02d6a9bf9110d4c33377d5614957a3ea0308b1d62ade5577bec4eacc57ceb2f7012a92808775bd794f53f96e91c5044910338a2f65900
ssdeep: 12288:AYiIoFwIrG3XCCaaMTWH6kF0PywR7YUa4krFoXWhQ8ARD9p5:AHIcTrGCJTKF0aq7mrSm0B9f
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T129C422A93E644687C1195FF8206177B0A3BEDFD93411C3172C8B708EEA79FAC5252627
sha3_384: 14a1c93a10f8df9227ec5146cc6a382538a6ba3b994dc0351db085fa74ead152c4c0e532e72bc9f1d898fc74fbba46f2
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-07-25 00:32:21

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Arfico Tell
FileDescription: Multi Channel Queue
FileVersion: 1.1.0.0
InternalName: Zsyw.exe
LegalCopyright: Arfico Tell 2023
LegalTrademarks: Arif caco
OriginalFilename: Zsyw.exe
ProductName: Multi_Channel Queue
ProductVersion: 1.1.0.0
Assembly Version: 1.2.0.0

Backdoor:MSIL/Androm.KAAD!MTB also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Androm.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Dacic.3204ED82.A.8A8EB6FB
FireEye: Generic.Dacic.3204ED82.A.8A8EB6FB
Skyhigh: BehavesLike.Win32.Generic.hc
McAfee: Trojan-FVLX!850B0B90DEE6
Cylance: unsafe
VIPRE: Generic.Dacic.3204ED82.A.8A8EB6FB
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005a91c31 )
K7GW: Trojan ( 005a91c31 )
Arcabit: Generic.Dacic.3204ED82.A.8A8EB6FB
VirIT: Trojan.Win32.MSIL_Heur.A
Symantec: Scr.Malcode!gdn34
ESET-NOD32: a variant of MSIL/Kryptik.AJHF
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: HEUR:Backdoor.MSIL.Androm.gen
BitDefender: Generic.Dacic.3204ED82.A.8A8EB6FB
NANO-Antivirus: Trojan.Win32.Androm.jxonpb
Avast: Win32:PWSX-gen [Trj]
Tencent: Malware.Win32.Gencirc.13eadc17
TACHYON: Backdoor/W32.DN-Androm.592384.D
Emsisoft: Generic.Dacic.3204ED82.A.8A8EB6FB (B)
F-Secure: Trojan.TR/AD.LokiBot.jhmyc
DrWeb: Trojan.PackedNET.738
TrendMicro: TROJ_GEN.R002C0DGU23
Sophos: Troj/Krypt-ABH
Ikarus: Trojan.MSIL.Inject
Webroot: W32.Trojan.Gen
Varist: W32/MSIL_Troj.CSM.gen!Eldorado
Avira: TR/AD.LokiBot.jhmyc
Antiy-AVL: Trojan[Backdoor]/MSIL.Androm
Kingsoft: Win32.Troj.Generic.v
Xcitium: Malware@#2r1uux8ufk91l
Microsoft: Backdoor:MSIL/Androm.KAAD!MTB
ZoneAlarm: HEUR:Backdoor.MSIL.Androm.gen
GData: Generic.Dacic.3204ED82.A.8A8EB6FB
Google: Detected
AhnLab-V3: Trojan/Win.PWSX-gen.C5461050
ALYac: Generic.Dacic.3204ED82.A.8A8EB6FB
MAX: malware (ai score=100)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Chgt.AD
Zoner: Trojan.Win32.159521
TrendMicro-HouseCall: TROJ_GEN.R002C0DGU23
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:RMyNj50vBezcVOjEOu1cVg)
Yandex: Trojan.Igent.b0AiIr.1
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.73691364.susgen
Fortinet: MSIL/GenKryptik.FQQD!tr
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor:MSIL/Androm.KAAD!MTB?

Backdoor:MSIL/Androm.KAAD!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.