Categories: Backdoor

What is “Backdoor:Win32/Lecna.N!dha”?

Backdoor:Win32/Lecna.N!dha is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Backdoor:Win32/Lecna.N!dha virus do?

  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Access the NetLogon registry key, potentially used for discovery or tampering
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup

How to identify Backdoor:Win32/Lecna.N!dha?


File Info:

name: 9433FFC331E82CED1286.mlw
path: /opt/CAPEv2/storage/binaries/b082540f1bcbac4f8315cac88a1d6cadbcebf3fec1fbadd9d8eea5392af79c35
crc32: 013B0276
md5: 9433ffc331e82ced1286a0d7e6dca064
sha1: 9915ac5a385a8f47ae839b7795146f0312c41e8c
sha256: b082540f1bcbac4f8315cac88a1d6cadbcebf3fec1fbadd9d8eea5392af79c35
sha512: 5868dbe946dae81c3855cacbb6b61dac6cba1354b6ad4c872f28e46715bfbfb77397f2bdaa6ea2f73fa1667376c26fb368ec2eeac8c13285eabcf071b4861528
ssdeep: 768:vMnGPCo5ll54rVD2De6t54T7Qol4gHZIXyUQ37bEA61p1:5P/J54rVqDe6t54T7QMKXyUKqz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CC436C43A585C847E4A305790900FCB3CEFBE43442DE2EABE380DAC97C619B5991D34B
sha3_384: b347ca5ad76a8c7bdf16aee96222a58e2d9b0b23397d52f55a0ff2570df669e664e2780982e1917d4cfb137491f456fd
ep_bytes: 558bec6aff687882400068507f400064
timestamp: 2013-01-04 03:36:13

Version Info:

0: [No Data]

Backdoor:Win32/Lecna.N!dha also known as:

Bkav W32.AIDetect.malware1
Lionic Trojan.Multi.Generic.4!c
MicroWorld-eScan Gen:Heur.Mint.Zard.45
FireEye Generic.mg.9433ffc331e82ced
CAT-QuickHeal Backdoor.Lecna.18662
McAfee GenericRXAA-AA!9433FFC331E8
Cylance Unsafe
VIPRE Gen:Heur.Mint.Zard.45
Sangfor [ARMADILLO V1.71]
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Heur.Mint.Zard.45
K7GW Trojan ( 00457dfa1 )
K7AntiVirus Trojan ( 00457dfa1 )
Arcabit Trojan.Mint.Zard.45
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Lecna.AF
APEX Malicious
Paloalto generic.ml
ClamAV Win.Trojan.Backspace-1
Kaspersky UDS:Trojan.Multi.GenericML.xnet
Alibaba Backdoor:Win32/Lecna.feb820c6
NANO-Antivirus Trojan.Win32.Graftor.cxmjgz
Tencent Win32.Trojan.Doris.Hrep
Ad-Aware Gen:Heur.Mint.Zard.45
Sophos Mal/Generic-S
Comodo Malware@#13vc6nqo2vq57
F-Secure Heuristic.HEUR/AGEN.1246242
DrWeb Trojan.DownLoader7.62432
Zillya Trojan.Lecna.Win32.66
TrendMicro BKDR_LECNA.SM
McAfee-GW-Edition BehavesLike.Win32.Trojan.qz
Trapmine suspicious.low.ml.score
Emsisoft Gen:Heur.Mint.Zard.45 (B)
SentinelOne Static AI – Malicious PE
Jiangmin TrojanDownloader.Generic.anpz
Avira HEUR/AGEN.1246242
MAX malware (ai score=80)
Antiy-AVL Trojan/Generic.ASMalwS.3304
Microsoft Backdoor:Win32/Lecna.N!dha
GData Gen:Heur.Mint.Zard.45
Cynet Malicious (score: 100)
VBA32 Trojan.Wacatac
ALYac Gen:Heur.Mint.Zard.45
Malwarebytes MachineLearning/Anomalous.96%
Panda Trj/Genetic.gen
TrendMicro-HouseCall BKDR_LECNA.SM
Rising Trojan.Generic@AI.98 (RDML:W1qQ9bPQXrcQVTbCDT09KQ)
Yandex Trojan.Lecna!6QgvaZC4ipQ
Ikarus Trojan.Win32.Lecna
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Lecna.SM!tr
BitDefenderTheta AI:Packer.1E5C186A1E
AVG Win32:Lecna [Wrm]
Cybereason malicious.331e82
Avast Win32:Lecna [Wrm]

How to remove Backdoor:Win32/Lecna.N!dha?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
