BScope.Backdoor.CosmicDuke removal tips

BScope.Backdoor.CosmicDuke is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the BScope.Backdoor.CosmicDuke virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify BScope.Backdoor.CosmicDuke?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

BScope.Backdoor.CosmicDuke also known as:

K7AntiVirus: Password-Stealer ( 0049b09a1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen6.57235
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Mauvaise.SL1
ALYac: Gen:Variant.Razy.906856
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.667579
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Password-Stealer ( 0049b09a1 )
Cybereason: malicious.7081d7
Baidu: Win32.Trojan-PSW.Agent.l
Cyren: W32/Trojan.EOKO-3815
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/PSW.Agent.NYQ
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Trojan.CosmicDuke-6376318-0
Kaspersky: HEUR:Backdoor.Win32.CosmicDuke.gen
BitDefender: Gen:Variant.Razy.906856
NANO-Antivirus: Trojan.Win32.CosmicDuke.dbzksi
ViRobot: Trojan.Win32.CosmicDuke.1314325
MicroWorld-eScan: Gen:Variant.Razy.906856
Tencent: Malware.Win32.Gencirc.10b3d341
Ad-Aware: Gen:Variant.Razy.906856
Sophos: ML/PE-A + Troj/CosDuke-C
Comodo: TrojWare.Win32.CosmicDuke.DB@6lnk05
BitDefenderTheta: Gen:NN.ZexaF.34266.FnZ@a8mOibhi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_SKEEYAH_FC170192.UVPA
McAfee-GW-Edition: PWS-FBWV!C1891BB7081D
FireEye: Generic.mg.c1891bb7081d7d4a
Emsisoft: Gen:Variant.Razy.906856 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor/CosmicDuke.i
Avira: TR/Rogue.11473269
Antiy-AVL: Trojan/Generic.ASMalwS.AD3B1E
Microsoft: TrojanDownloader:Win32/Upatre
SUPERAntiSpyware: PUP.CosmicDuke/Variant
GData: Gen:Variant.Razy.906856
AhnLab-V3: Trojan/Win32.Agent.R131885
Acronis: suspicious
McAfee: PWS-FBWV!C1891BB7081D
MAX: malware (ai score=100)
VBA32: BScope.Backdoor.CosmicDuke
Malwarebytes: Backdoor.CosmicDuke
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_SKEEYAH_FC170192.UVPA
Rising: Backdoor.Win32.CosmicDuke.b (CLASSIC)
Yandex: Trojan.GenAsa!Xxdu1b+ysKo
Ikarus: Trojan.Win32.PSW
Fortinet: W32/Agent.NYQ.PWS!tr
AVG: Win32:Malware-gen

How to remove BScope.Backdoor.CosmicDuke?

BScope.Backdoor.CosmicDuke removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
