What is “BScope.Backdoor.IRC.Combot”?

The BScope.Backdoor.IRC.Combot is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the BScope.Backdoor.IRC.Combot virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Checks for the presence of known devices from debuggers and forensic tools
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify BScope.Backdoor.IRC.Combot?


File Info:

name: 7544C558BEBB36B0895B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-06-24 13:11:11

Version Info:

0: [No Data]

BScope.Backdoor.IRC.Combot also known as:

Bkav: W32.Common.1CFD4C50
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.Corrupt.cc
CrowdStrike: win/grayware_confidence_90% (W)
BitDefenderTheta: Gen:NN.ZexaF.36792.gmWfaelpmgji
Symantec: ML.Attribute.HighConfidence
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.ZeGhost-9945972-0
Sophos: ML/PE-A
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.7544c558bebb36b0
Webroot: W32.Trojan.ZeGhost
Antiy-AVL: Trojan/Win32.SGeneric
Kingsoft: malware.kb.a.1000
Google: Detected
McAfee: Artemis!7544C558BEBB
DeepInstinct: MALICIOUS
VBA32: BScope.Backdoor.IRC.Combot
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H06EI23
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.3411146.susgen
Cybereason: malicious.ebb79b

How to remove BScope.Backdoor.IRC.Combot?

BScope.Backdoor.IRC.Combot removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
