Backdoor

BScope.Backdoor.IRC.Sdbot malicious file

Malware Removal

The BScope.Backdoor.IRC.Sdbot is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What BScope.Backdoor.IRC.Sdbot virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine BScope.Backdoor.IRC.Sdbot?


File Info:

crc32: F4FAAD61
md5: 2e50829caa3d8ba39f769e8283321dc0
name: 2E50829CAA3D8BA39F769E8283321DC0.mlw
sha1: 0e1fb0c30cb4b2baaa9ad5985a2889a47a0488f1
sha256: e886ab15371aafe73435c993056b400cd279a136ef12b3d21f6de922628a98a8
sha512: 6742f3751aa18acf0695ed93b3588b16fd86a45918d461918a9cb88bf09ddeb676d5dbb6ccecc769441bc1f202f504550fec8de0ad38d5a9f3fe4317ae519015
ssdeep: 6144:dWy7Scc+ccu9LdTEzpyyUGuAi6CfwqG+WdKcc:dW2rWJEzhUSFqQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: MonDoThienVuong,DeCoLua,ThienViet
InternalName: AutoJX2
FileVersion: 1.00.0025
CompanyName: www.AutoJX2.com
ProductName: JX2Train
ProductVersion: 1.00.0025
FileDescription: JX2 Auto Train
OriginalFilename: AutoJX2.exe

BScope.Backdoor.IRC.Sdbot also known as:

LionicTrojan.Win32.IRCBot.m!c
CylanceUnsafe
SymantecBackdoor.Ratenjay
APEXMalicious
AvastFileRepMalware
KasperskyUDS:DangerousObject.Multi.Generic
TencentWin32.Backdoor.Ircbot.Htci
SophosMal/Generic-S
VIPREBackdoor.IRCBot
FireEyeGeneric.mg.2e50829caa3d8ba3
WebrootW32.Trojan.Dropper
MicrosoftTrojan:Win32/Wacatac.A!ml
McAfeeArtemis!2E50829CAA3D
VBA32BScope.Backdoor.IRC.Sdbot
PandaGeneric Malware
TrendMicro-HouseCallTROJ_GEN.R03BH07KF21
RisingTrojan.Injector!1.B459 (CLASSIC)
YandexBackdoor.IRCBot!mxPEmhEiAJc
MaxSecureTrojan.Malware.1728101.susgen
AVGFileRepMalware

How to remove BScope.Backdoor.IRC.Sdbot?

BScope.Backdoor.IRC.Sdbot removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment