What is “Backdoor:Win32/Lecna.N!dha”?

Backdoor:Win32/Lecna.N!dha is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Lecna.N!dha virus do?

  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Access the NetLogon registry key, potentially used for discovery or tampering
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup

How to identify Backdoor:Win32/Lecna.N!dha?


File Info:

name: 9433FFC331E82CED1286.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-01-04 03:36:13

Version Info:

0: [No Data]

Backdoor:Win32/Lecna.N!dha also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Multi.Generic.4!c
MicroWorld-eScan: Gen:Heur.Mint.Zard.45
FireEye: Generic.mg.9433ffc331e82ced
CAT-QuickHeal: Backdoor.Lecna.18662
McAfee: GenericRXAA-AA!9433FFC331E8
Cylance: Unsafe
VIPRE: Gen:Heur.Mint.Zard.45
Sangfor: [ARMADILLO V1.71]
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Gen:Heur.Mint.Zard.45
K7GW: Trojan ( 00457dfa1 )
K7AntiVirus: Trojan ( 00457dfa1 )
Arcabit: Trojan.Mint.Zard.45
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Lecna.AF
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Backspace-1
Kaspersky: UDS:Trojan.Multi.GenericML.xnet
Alibaba: Backdoor:Win32/Lecna.feb820c6
NANO-Antivirus: Trojan.Win32.Graftor.cxmjgz
Tencent: Win32.Trojan.Doris.Hrep
Ad-Aware: Gen:Heur.Mint.Zard.45
Sophos: Mal/Generic-S
Comodo: Malware@#13vc6nqo2vq57
F-Secure: Heuristic.HEUR/AGEN.1246242
DrWeb: Trojan.DownLoader7.62432
Zillya: Trojan.Lecna.Win32.66
TrendMicro: BKDR_LECNA.SM
McAfee-GW-Edition: BehavesLike.Win32.Trojan.qz
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Heur.Mint.Zard.45 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDownloader.Generic.anpz
Avira: HEUR/AGEN.1246242
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Generic.ASMalwS.3304
Microsoft: Backdoor:Win32/Lecna.N!dha
GData: Gen:Heur.Mint.Zard.45
Cynet: Malicious (score: 100)
VBA32: Trojan.Wacatac
ALYac: Gen:Heur.Mint.Zard.45
Malwarebytes: MachineLearning/Anomalous.96%
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: BKDR_LECNA.SM
Rising: Trojan.Generic@AI.98 (RDML:W1qQ9bPQXrcQVTbCDT09KQ)
Yandex: Trojan.Lecna!6QgvaZC4ipQ
Ikarus: Trojan.Win32.Lecna
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Lecna.SM!tr
BitDefenderTheta: AI:Packer.1E5C186A1E
AVG: Win32:Lecna [Wrm]
Cybereason: malicious.331e82
Avast: Win32:Lecna [Wrm]

How to remove Backdoor:Win32/Lecna.N!dha?

Backdoor:Win32/Lecna.N!dha removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
