Backdoor:Win32/Small.CG information

The Backdoor:Win32/Small.CG is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor:Win32/Small.CG virus can do?

Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Backdoor:Win32/Small.CG?


File Info:
name: 98C3C779015914B4FE9C.mlw
path: /opt/CAPEv2/storage/binaries/2bbf45cbcfc69469913dd12e3673f3fe3e36a10516e92d0c246332da3cb49729
crc32: 8D7105DF
md5: 98c3c779015914b4fe9ca1381d6e4e5b
sha1: 0acd9f5169ec7a6cc769524ab02aadea0e8f9d2c
sha256: 2bbf45cbcfc69469913dd12e3673f3fe3e36a10516e92d0c246332da3cb49729
sha512: 0e968f10f460dd34014669a853fe1997ea1914ba3d42fe6f61bc3efb6f883b374eb3e26fe3fee2ba1ed7215a26b756bd3975deba9056614ea159f328746aaead
ssdeep: 12288:EAjF4ASEV4H8pPyoQBOyGw0fpKkvTAlQT97EElOPh1vjztwbnE:ZjKFEVwSdQBdMpxvh9dlwjztwbnE
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T118152BE2497AD172C4EAB31AADFF6FAE6B35DB4260D0231741126BC05A1373275036ED
sha3_384: 8f87e67c007c91148b16784a8ae37c7a2cbcb3b96abfd661e3da34dd65e86c1599201ab8562502a9f8853c989ec9a016
ep_bytes: ff250020400000000000000000000000
timestamp: 2013-08-11 10:19:57

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: سيرفر1.exe
LegalCopyright:  
OriginalFilename: سيرفر1.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Backdoor:Win32/Small.CG also known as:

DrWeb	Trojan.DownLoader9.48551
MicroWorld-eScan	Gen:Heur.MSIL.Bladabindi.1
FireEye	Generic.mg.98c3c779015914b4
VIPRE	Gen:Heur.MSIL.Bladabindi.1
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0055e39b1 )
Alibaba	Backdoor:MSIL/Bladabindi.a159eb14
K7GW	Trojan ( 0055e39b1 )
Cybereason	malicious.901591
BitDefenderTheta	Gen:NN.ZemsilF.34646.6m0@aKgqMmo
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.UP
APEX	Malicious
Kaspersky	HEUR:Backdoor.MSIL.Bladabindi.gen
BitDefender	Gen:Heur.MSIL.Bladabindi.1
NANO-Antivirus	Trojan.Win32.Bladabindi.dkmpln
Avast	Win32:DropperX-gen [Drp]
Ad-Aware	Gen:Heur.MSIL.Bladabindi.1
Emsisoft	Gen:Heur.MSIL.Bladabindi.1 (B)
Comodo	Malware@#145lt3s2ho0kq
Zillya	Dropper.Agent.Win32.421544
McAfee-GW-Edition	BehavesLike.Win32.Generic.dt
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Google	Detected
Avira	HEUR/AGEN.1221809
Antiy-AVL	Trojan/Generic.ASMalwS.3303
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Backdoor:Win32/Small.CG
ZoneAlarm	HEUR:Backdoor.MSIL.Bladabindi.gen
GData	Gen:Heur.MSIL.Bladabindi.1
Cynet	Malicious (score: 99)
Acronis	suspicious
McAfee	Artemis!98C3C7790159
MAX	malware (ai score=88)
Tencent	Msil.Backdoor.Bladabindi.Swhl
MaxSecure	Trojan.Malware.7164915.susgen
Fortinet	MSIL/Dropper.WT!tr
AVG	Win32:DropperX-gen [Drp]
Panda	Generic Malware
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Backdoor:Win32/Small.CG?

Backdoor:Win32/Small.CG removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X