What is “Backdoor:Win64/Turla!MTB”?

Backdoor:Win64/Turla!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win64/Turla!MTB virus do?

    How to identify Backdoor:Win64/Turla!MTB?

    
    

    File Info:

    crc32: 70119224
    md5: 7ec8a9641d7342d1a471ebcd98e28b62
    name: 7EC8A9641D7342D1A471EBCD98E28B62.mlw
    sha1: 25cf8ebd4667b63df880e51744c98df51be374a1
    sha256: 915ad2650186cabd48befae7e195783e5b3bbdf38f0b4af9e0a9e73726779fa3
    sha512: c2ec921913f1823ca278f4bf7aa75517dd07e504e398cefd5eaa7117f5af624f2e0f3e72455fca370a5cb3084558108a56ead0602fa0270b50f9bd053092d4f2
    ssdeep: 3072:VI2CFKWMb/jgziQfYp8SU2CpDRJX9i9f3bFma1Hb:VIube2eX9i90ad
    type: PE32+ executable (DLL) (GUI) x86-64, for MS Windows

    Version Info:

    LegalCopyright: Microsoft Corporation. All rights reserved.
    InternalName: WICACCESS.DLL
    FileVersion: 3.5.2.0
    CompanyName: Microsoft Corporation
    ProductName: Microsoft® Windows® Operating System
    ProductVersion: 6.1.7601.17514
    FileDescription: Windows Integrity Control Library
    OriginalFilename: WICACCESS.DLL
    Translation: 0x0409 0x04b0

    Backdoor:Win64/Turla!MTB also known as:

    Lionic: Trojan.Win32.Turla.m!c
    Elastic: malicious (high confidence)
    ALYac: Backdoor.Turla.A
    Cylance: Unsafe
    Zillya: Backdoor.Turla.Win64.7
    Sangfor: Backdoor.Win32.Turla.ghx
    CrowdStrike: win/malicious_confidence_100% (W)
    Alibaba: Backdoor:Win64/Turla.65ddaf00
    K7GW: Trojan ( 005608111 )
    K7AntiVirus: Trojan ( 005608111 )
    Symantec: Trojan.Turla
    ESET-NOD32: a variant of Win64/Turla.BG
    Avast: Win64:Trojan-gen
    Kaspersky: Backdoor.Win32.Turla.ghx
    BitDefender: Trojan.GenericKD.33281418
    NANO-Antivirus: Trojan.Win64.Turla.hcukok
    MicroWorld-eScan: Trojan.GenericKD.33281418
    Tencent: Win32.Backdoor.Turla.Ammq
    Ad-Aware: Trojan.GenericKD.33281418
    Sophos: Mal/Generic-S
    Comodo: Malware@#2oqk55n0th44t
    F-Secure: Heuristic.HEUR/AGEN.1108423
    VIPRE: Trojan.Win32.Generic!BT
    TrendMicro: TROJ_GEN.R002C0DE121
    McAfee-GW-Edition: Artemis!Trojan
    FireEye: Trojan.GenericKD.33281418
    Emsisoft: Trojan.GenericKD.33281418 (B)
    Jiangmin: Backdoor.Turla.r
    Webroot: W32.Trojan.Gen
    Avira: HEUR/AGEN.1108423
    Antiy-AVL: Trojan/Generic.ASMalwS.2FF52BF
    Microsoft: Backdoor:Win64/Turla!MTB
    Arcabit: Trojan.Generic.D1FBD58A
    ZoneAlarm: Backdoor.Win32.Turla.ghx
    GData: Trojan.GenericKD.33281418
    AhnLab-V3: Trojan/Win64.Turla.R346713
    McAfee: Artemis!7EC8A9641D73
    MAX: malware (ai score=85)
    VBA32: Backdoor.Turla
    Malwarebytes: Malware.AI.1640013812
    Panda: Trj/Turla.A
    TrendMicro-HouseCall: TROJ_GEN.R002C0DE121
    Ikarus: Trojan.Win64.Turla
    MaxSecure: Trojan.Malware.6971530.susgen
    Fortinet: W32/Turla.BG!tr.bdr
    AVG: Win64:Trojan-gen
    Paloalto: generic.ml
    Qihoo-360: Win32/Backdoor.TurlaOutlook.HggASOQA

    How to remove Backdoor:Win64/Turla!MTB?

    Backdoor:Win64/Turla!MTB removal tool
    • Download and install GridinSoft Anti-Malware.
    • Open GridinSoft Anti-Malware and perform a “Standard scan”.
    • “Move to quarantine” all items.
    • Open the “Tools” tab and press “Reset Browser Settings”.
    • Select the proper browser and options, then click “Reset”.
    • Restart your computer.

    About the author

    Paul Valéry

    I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
