What is “Backdoor:Win32/DCRAT.JP!MTB”?

Backdoor:Win32/DCRAT.JP!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/DCRAT.JP!MTB virus do?

  • Authenticode signature is invalid
  • CAPE detected the DCRat malware family
  • Anomalous binary characteristics

How to identify Backdoor:Win32/DCRAT.JP!MTB?

File Info:

name: E3B0B46D6183FA7B7A75.mlw
path: /opt/CAPEv2/storage/binaries/f53d7e0915fa3040f9bb7185c5f64de0c5b12d360a211f963a6081da72cfec8a
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-05-04 16:03:35

Version Info:

ProductName: f1tHr41kZZ8aJO6Y3n1sfDG
CompanyName: WgPNkt1lwFTRW
InternalName: KD7dcgWqHJyV5OCQGpxEcnhfA4iPI.exe
LegalCopyright: 5hC
Comments: fbfBSwC5iFkWpfjK9zuRNWYUd0G
OriginalFilename: REOm.exe
ProductVersion: 813.40.894.879
FileVersion: 269.386.457.740
Translation: 0x0409 0x0514

Backdoor:Win32/DCRAT.JP!MTB also known as:

Bkav: W32.Common.2FBED40E
Lionic: Trojan.Win32.Stealer.12!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.MSIL.Basic.8.Gen
ClamAV: Win.Packed.Msilmamut-9987799-0
FireEye: Generic.mg.e3b0b46d6183fa7b
CAT-QuickHeal: Trojan.MsilFC.S28419717
McAfee: DCRAT-FDQN!E3B0B46D6183
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.BasicGen.Win32.1
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00592ff21 )
Alibaba: Backdoor:MSIL/DCRAT.4417f99b
K7GW: Trojan ( 00592ff21 )
Cybereason: malicious.d6183f
BitDefenderTheta: Gen:NN.ZemsilF.36318.4m0@a0eBDnki
VirIT: Trojan.Win32.Injector.DCGZ
Cyren: W32/MSIL_Agent.DZU.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Spy.Agent.DTR
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender: Trojan.MSIL.Basic.8.Gen
Avast: Win32:DropperX-gen [Drp]
TACHYON: Trojan-Spy/W32.DN-InfoStealer.927232
Emsisoft: Trojan.MSIL.Basic.8.Gen (B)
F-Secure: Heuristic.HEUR/AGEN.1310064
DrWeb: Trojan.Siggen18.6795
VIPRE: Trojan.MSIL.Basic.8.Gen
TrendMicro: TROJ_GEN.R002C0DGL23
McAfee-GW-Edition: BehavesLike.Win32.AgentTesla.dt
Trapmine: suspicious.low.ml.score
Sophos: Troj/DCRat-J
SentinelOne: Static AI – Malicious PE
GData: MSIL.Trojan.PSE.1LDHOG1
Jiangmin: TrojanSpy.MSIL.ckhn
Avira: HEUR/AGEN.1310064
Antiy-AVL: Trojan[Spy]/MSIL.Stealer
Arcabit: Trojan.MSIL.Basic.8.Gen
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Stealer.gen
Microsoft: Backdoor:Win32/DCRAT.JP!MTB
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C5168281
VBA32: Dropper.MSIL.gen
ALYac: Trojan.MSIL.Basic.8.Gen
MAX: malware (ai score=81)
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DGL23
Rising: Backdoor.DCRat!1.E0D3 (CLASSIC)
Ikarus: Trojan.MSIL.Spy
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: MSIL/Agent.DTR!tr
AVG: Win32:DropperX-gen [Drp]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor:Win32/DCRAT.JP!MTB?

Backdoor:Win32/DCRAT.JP!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.