Backdoor:Win32/Drixed.D information

Backdoor:Win32/Drixed.D is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Drixed.D virus do?

  • Executable code extraction
  • Compression (or decompression)
  • Creates RWX memory
  • A process attempted to delay the analysis task
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Exhibits behavior characteristic of Dridex malware
  • Collects information about installed applications
  • Attempts to identify installed AV products by registry key
  • Anomalous binary characteristics

How to identify Backdoor:Win32/Drixed.D?

File Info:

crc32: 7F41E1EA
md5: 62e4f7cfa529ef63439e88ff176cc6c8
name: 45y4g.exe
sha1: 51066826e4201e526f6e9cac440f120f97ca0436
sha256: 0c3631f4cb7c6c20d671500f4c3b769457486b5afa0c685920d64c3c7297fb0e
sha512: dc2e58da5576ab457db09f9daae9c386be1a02712c509a8fdad4c5ca6e6064d79c0617317130dba4d009bae032386462022f084373b9e472dfc27743baee1b70
ssdeep: 1536:i9sFbpyg8Y9TwWkX4Cah8dbVJVkwfvZffMSTKgPdcJ:Ayq4wWkX0h2JCwf1fuydcJ
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
FileVersion: 4.7.2.0
CompanyName: Nokia Corporation and/or its subsidiary(-ies)
ProductName: Qt4
FileDescription: C++ application development framework.
OriginalFilename: QtCLucene4.dll

Backdoor:Win32/Drixed.D is also known as (vendor: detection name):

DrWeb: Trojan.Dridex.192
MicroWorld-eScan: Trojan.Dridex.L
FireEye: Generic.mg.62e4f7cfa529ef63
CAT-QuickHeal: Backdoor.Drixed.A7
ALYac: Trojan.Dridex.L
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Yakes.4!c
Sangfor: Malware
K7AntiVirus: Trojan ( 004beaac1 )
BitDefender: Trojan.Dridex.L
K7GW: Trojan ( 004beaac1 )
Cybereason: malicious.fa529e
TrendMicro: BKDR_DRIDEX.XDB
BitDefenderTheta: Gen:NN.ZexaF.33558.lC0@a4Qehvei
F-Prot: W32/Dridex.DD
Symantec: Trojan.Cridex
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Trojan.Dridex-124
GData: Win32.Trojan.Agent.XZKHHR
Kaspersky: Trojan.Win32.Yakes.lulq
Alibaba: Backdoor:Win32/Yakes.7e6a0efc
NANO-Antivirus: Trojan.Win32.Yakes.efgtud
ViRobot: Trojan.Win32.Agent.184320.DC
Rising: Trojan.Win32.Dridex.f (CLASSIC)
Ad-Aware: Trojan.Dridex.L
Sophos: Troj/Dridex-GN
Comodo: Malware@#28n91424xjesq
F-Secure: Trojan.TR/Crypt.XPACK.544
Zillya: Trojan.Dridex.Win32.239
Invincea: heuristic
McAfee-GW-Edition: Generic.xg
Emsisoft: Trojan.Dridex.L (B)
Ikarus: Trojan.Win32.Dridex
Cyren: W32/Dridex.BYMX-9385
Jiangmin: Trojan/Yakes.xvc
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.XPACK.544
Antiy-AVL: Trojan/Win32.Yakes
Endgame: malicious (high confidence)
Arcabit: Trojan.Dridex.L
ZoneAlarm: Trojan.Win32.Yakes.lulq
Microsoft: Backdoor:Win32/Drixed.D
TACHYON: Trojan/W32.Yakes.184320.Q
AhnLab-V3: Trojan/Win32.Dridex.R163298
Acronis: suspicious
McAfee: Generic.xg
MAX: malware (ai score=100)
VBA32: Trojan.Yakes
Cylance: Unsafe
Panda: Trj/WLT.B
Zoner: Trojan.Win32.34936
ESET-NOD32: Win32/Dridex.P
TrendMicro-HouseCall: BKDR_DRIDEX.XDB
Yandex: Trojan.Yakes!zlvSTIyrHtA
SentinelOne: DFI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/DRIDEX.GN!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_90% (W)
Qihoo-360: Win32/Trojan.e57

How to remove Backdoor:Win32/Drixed.D?

Backdoor:Win32/Drixed.D removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.