Categories: Backdoor

Backdoor:Win32/Generic information

The Backdoor:Win32/Generic is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor:Win32/Generic virus can do?

CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
CAPE detected the VanillaRAT malware family

How to determine Backdoor:Win32/Generic?


File Info:
name: 17E792B0BB256533CE3F.mlwpath: /opt/CAPEv2/storage/binaries/4c477e0e78863415e64ce9656ef2d1db0e45e60d02ccd21ad52ae51f637815f1crc32: 3E7C579Amd5: 17e792b0bb256533ce3fda3a2c4a093asha1: 901d60993c45332419f9f8619dec044e2a9fc41asha256: 4c477e0e78863415e64ce9656ef2d1db0e45e60d02ccd21ad52ae51f637815f1sha512: e5cea3e26bb612067546e7eb8e21689a98a1c6ff032ff466eface6cee1cb8c547880efe1bc9e2046e121e637e6fa032fb311b1b22aa18d501bfbc15970e448ebssdeep: 6144:hqly+DJZKBI0FyYeY4eoiJ+sCFv1A4Inlz+:SOyYrZos+xFvIl6type: PE32 executable (console) Intel 80386, for MS Windowstlsh: T102A4C6A82D95C58BCA380D73F8D3959B47702D1BF5B1EA22ADD473AF6A36380080D57Dsha3_384: 747c9c9311c20aac1ae79d78a3ad77d7b790d02e82e2c8aa640de6a8f5b2b6e90a7ec46c5a5aa65acc327e19771a6daaep_bytes: ff250020400000000000000000000000timestamp: 2023-07-18 09:40:46
Version Info:
Translation: 0x0000 0x04b0Comments: TeamViewer Remote Control ApplicationCompanyName: TeamViewer Germany GmbHFileDescription: TeamViewer Remote Control ApplicationFileVersion: 15.43.7.0InternalName: TeamViewer_Setup.exeLegalCopyright: TeamViewer Germany GmbHOriginalFilename: TeamViewer_Setup.exeProductName: TeamViewerProductVersion: 15.43.7.0Assembly Version: 15.43.7.0

Backdoor:Win32/Generic also known as:

Bkav	W32.Common.B095092D
Lionic	Trojan.Win32.Llac.m2nT
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.68239576
ClamAV	Win.Malware.Razy-9790647-0
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
ALYac	Trojan.GenericKD.68239576
Cylance	unsafe
Zillya	Trojan.Agent.Win32.3594618
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Trojan.GenericKD.68239576
K7GW	Trojan ( 0054dd361 )
K7AntiVirus	Trojan ( 0054dd361 )
VirIT	Trojan.Win32.Genus.SDK
Cyren	W32/MSIL_Agent.FUL.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Agent.BYD
APEX	Malicious
Cynet	Malicious (score: 99)
Kaspersky	UDS:Trojan-Ransom.MSIL.Blocker.gen
Alibaba	Ransom:MSIL/Blocker.294f3785
NANO-Antivirus	Trojan.Win32.Ransom.jxkuxz
ViRobot	Trojan.Win.Z.Agent.481792.M
Avast	Win32:RATX-gen [Trj]
Rising	Backdoor.VanillaRAT!1.C9D1 (CLASSIC)
Emsisoft	Trojan.GenericKD.68239576 (B)
F-Secure	Trojan.TR/Agent.xhgbq
DrWeb	Trojan.MulDrop22.37598
VIPRE	Trojan.GenericKD.68239576
TrendMicro	Ransom_Blocker.R002C0DGO23
McAfee-GW-Edition	Artemis!Trojan
FireEye	Generic.mg.17e792b0bb256533
Sophos	Mal/Generic-S
Ikarus	Backdoor.Quasar
Webroot	W32.Trojan.Gen
Avira	TR/Agent.xhgbq
MAX	malware (ai score=100)
Antiy-AVL	Trojan[Ransom]/MSIL.Blocker
Microsoft	Backdoor:Win32/Generic
Xcitium	Malware@#3rv4pshy54chs
Arcabit	Trojan.Generic.D41140D8
ZoneAlarm	UDS:Trojan-Ransom.MSIL.Blocker.gen
GData	Trojan.GenericKD.68239576
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5457526
McAfee	Artemis!17E792B0BB25
VBA32	TScope.Trojan.MSIL
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/GdSda.A
TrendMicro-HouseCall	Ransom_Blocker.R002C0DGO23
Tencent	Malware.Win32.Gencirc.10bf0a29
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.73689294.susgen
Fortinet	MSIL/Agent.BYD!tr
AVG	Win32:RATX-gen [Trj]
Cybereason	malicious.93c453
DeepInstinct	MALICIOUS