How to remove “Backdoor:Win32/Hupigon!B”?

The Backdoor:Win32/Hupigon!B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor:Win32/Hupigon!B virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Backdoor:Win32/Hupigon!B?


File Info:
name: DE65D006C1876D2DBA1F.mlw
path: /opt/CAPEv2/storage/binaries/b384d26c3e7a0a8705de652b247ae52cd7136190a89d3367e0e0c80051b3a85d
crc32: B6C4623B
md5: de65d006c1876d2dba1fef73c49be360
sha1: a724ae9028c617ab7101a247bca35843a4b1f69f
sha256: b384d26c3e7a0a8705de652b247ae52cd7136190a89d3367e0e0c80051b3a85d
sha512: 0a9afff3e90037e9bb9f63406f56f27dd95b66f4920ba47e84a678d6b8b46fd04887e16c48ab380ea8a0954c05158950d6369d3805124e1850608d436741fec7
ssdeep: 24576:FksVocaW5A5b3m+s2svwsIZLVWirg1wwE:FdAHxJkisk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11CF47C22F6919477D1732B389C1B63599839BF102E28A84B3BF41E5C9F797823D252D3
sha3_384: 065b1caabe23b69f5cf215a46ef93e17c4b4f88d04ceda953af00d4386b6f80f1ec3c715761959dcbe90b74a4de16f35
ep_bytes: 558becb9040000006a006a004975f951
timestamp: 1992-06-19 22:22:17

Version Info:
CompanyName: Beijing Rising Information Technology Co., Ltd.
FileDescription: Rising RsShell
FileVersion: 21, 0, 0, 5
InternalName: Beijing Rising Information Technology Co., Ltd.
LegalCopyright: Copyright(C) 2008 Beijing Rising Information Technology Co., Ltd. All Rights Reserved.
OriginalFilename: Rsmain.exe
ProductName: Rising Antivirus 2009
ProductVersion: 21.00
SpecialBuild: 20080827133313421
Translation: 0x0804 0x03a8

Backdoor:Win32/Hupigon!B also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Hupigon.l2g7
AVG	Win32:Hupigon-AHB [Trj]
MicroWorld-eScan	Gen:Malware.Heur.2.!copidmbe!.WK0@bm9OmDhb
FireEye	Generic.mg.de65d006c1876d2d
Skyhigh	BehavesLike.Win32.PWSGoft.bh
McAfee	GenericRXHO-RL!DE65D006C187
Cylance	unsafe
Zillya	Trojan.Hupigon.Win32.8912
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 7000000f1 )
Alibaba	Backdoor:Win32/Hupigon.012caa94
K7GW	Trojan ( 7000000f1 )
Cybereason	malicious.6c1876
VirIT	Backdoor.Win32.Hupigon.JOHG
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Hupigon
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Trojan.Graybird-28
Kaspersky	Backdoor.Win32.Hupigon.mxzs
BitDefender	Gen:Malware.Heur.2.!copidmbe!.WK0@bm9OmDhb
NANO-Antivirus	Trojan.Win32.Hupigon.dxkzlg
Avast	Win32:Hupigon-AHB [Trj]
Tencent	Malware.Win32.Gencirc.10b2bbae
Sophos	Mal/Hupig-H
F-Secure	Backdoor:W32/Hupigon.OJY
DrWeb	Trojan.PWS.Vipgsm.788
VIPRE	Gen:Malware.Heur.2.!copidmbe!.WK0@bm9OmDhb
TrendMicro	BKDR_HUPIGON.GEN
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Malware.Heur.2.!copidmbe!.WK0@bm9OmDhb (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Backdoor/Huigezi.2007.bgwz
Varist	W32/Hupigon.J.gen!Eldorado
Avira	BDS/Hupigon.Gen
Antiy-AVL	Trojan/Win32.Hupigon.pv
Kingsoft	Win32.HeurC.KVM008.a
Microsoft	Backdoor:Win32/Hupigon.gen!B
Xcitium	Backdoor.Win32.Hupigon.UUE0@1o8eqw
Arcabit	Gen:Malware.Heur.2.!copidmbe!.E84E62
ZoneAlarm	Backdoor.Win32.Hupigon.mxzs
GData	Win32.Trojan.PSE.14IIXYG
Google	Detected
AhnLab-V3	Win-Trojan/Hupigon.Gen
BitDefenderTheta	AI:Packer.E687A2D426
MAX	malware (ai score=100)
VBA32	OScope.Backdoor.Hupigon.axbr
Malwarebytes	Generic.Malware.AI.DDS
Panda	Generic Malware
TrendMicro-HouseCall	BKDR_HUPIGON.GEN
Rising	Backdoor.Win32.Gpigeon2009.aaj (CLASSIC)
Yandex	Trojan.GenAsa!uWXImPdZ5lY
Ikarus	Backdoor.Win32.Hupigon
MaxSecure	Trojan.Malware.1634706.susgen
Fortinet	W32/Hupigon.OSE!tr.bdr
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)
alibabacloud	Backdoor:Win/Graftor

How to remove Backdoor:Win32/Hupigon!B?

Backdoor:Win32/Hupigon!B removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X