Backdoor:Win32/Dynamer!ac information

The Backdoor:Win32/Dynamer!ac is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor:Win32/Dynamer!ac virus can do?

Executable code extraction
Creates RWX memory
The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine Backdoor:Win32/Dynamer!ac?


File Info:
crc32: 2B36BCCC
md5: 951c80c070f9335298cb1d6556419477
name: 951C80C070F9335298CB1D6556419477.mlw
sha1: f56369c45f5e7e2333af537de0352f46c0750e06
sha256: a6849e5b45225ac247d2ab7aba622b36acc77395e642c00f57300182dd93f471
sha512: 280875907f05cc44fbf61f66395b68407f99ac8c9dafa97f1f3d0bad8eb07cc8a2f5d082fd3c1727432a7de7c839b142f81dfb3e1707d3931dfe626b1dcea66e
ssdeep: 3072:azhZbEz1LUwVmbM0H0tRekPQJOQG7oRUBZAactODPw5sKc37kfyWN10x4vLeJ5h:Xp7syx/mUJPDtHLkVrCVYd9jM2
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: labDV All rights reserved.
InternalName: Respondents Used
FileVersion: 1.6.29.8
CompanyName: labDV
FileDescription: Randomize Avoiding Hfa 140
LegalTrademarks: labDV All rights reserved.
Comments: Randomize Avoiding Hfa 140
ProductName: Respondents Used
ProductVersion: 1.6.29.8
PrivateBuild: 1.6.29.8
OriginalFilename: Respondents Used.exe
Translation: 0x0409 0x04b0

Backdoor:Win32/Dynamer!ac also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Spyware ( 0055e3db1 )
Elastic	malicious (high confidence)
DrWeb	Trojan.MulDrop6.47188
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Ransom.Locky.10
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_80% (D)
Alibaba	TrojanSpy:Win32/Generic.fec1d28b
K7GW	Spyware ( 0055e3db1 )
Cybereason	malicious.070f93
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/Spy.Zbot.ACM
APEX	Malicious
Avast	Win32:Trojan-gen
Kaspersky	UDS:Trojan.Win32.Yakes.gen
BitDefender	Gen:Variant.Ransom.Locky.10
NANO-Antivirus	Trojan.Win32.Drop.efmkpm
MicroWorld-eScan	Gen:Variant.Ransom.Locky.10
Ad-Aware	Gen:Variant.Ransom.Locky.10
Sophos	Mal/Generic-S
F-Secure	Heuristic.HEUR/AGEN.1138861
BitDefenderTheta	Gen:NN.ZexaF.34722.su0@a8l4t@ni
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Mal_MiliCry-1c
McAfee-GW-Edition	BehavesLike.Win32.Trojan.fc
FireEye	Generic.mg.951c80c070f93352
Emsisoft	Gen:Variant.Ransom.Locky.10 (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1138861
eGambit	Generic.Malware
Antiy-AVL	Trojan/Generic.ASMalwS.1A30F1C
Kingsoft	Win32.Troj.Yakes.qp.(kcloud)
Microsoft	Backdoor:Win32/Dynamer!ac
Arcabit	Trojan.Ransom.Locky.10
AegisLab	Trojan.Multi.Generic.4!c
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Ransom.Locky.10
Acronis	suspicious
McAfee	Artemis!951C80C070F9
MAX	malware (ai score=100)
Malwarebytes	MachineLearning/Anomalous.100%
Panda	Trj/GdSda.A
TrendMicro-HouseCall	Mal_MiliCry-1c
Rising	Trojan.Generic@ML.100 (RDML:KFT+U2/p7lUvFVNs4tlmmA)
Yandex	TrojanSpy.Zbot!4AZuJRLQQ+Q
Ikarus	Trojan-Spy.Agent
Fortinet	W32/Zbot.ACM!tr.spy
AVG	Win32:Trojan-gen
Paloalto	generic.ml

How to remove Backdoor:Win32/Dynamer!ac?

Backdoor:Win32/Dynamer!ac removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X