BScope.Backdoor.Netthief (file analysis)

Malware Removal

BScope.Backdoor.Netthief is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the BScope.Backdoor.Netthief virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify BScope.Backdoor.Netthief?


File Info:

crc32: 3F834338
md5: b525dc4d9d187c68b6f7bbd8a6263de6
name: B525DC4D9D187C68B6F7BBD8A6263DE6.mlw
sha1: 54d4caced767b0e9e937936087dbf608d3260f24
sha256: 788c22cb56f8ae47df3c65386220d1abcd28f20851873aa3c65769cba749e2ab
sha512: b274a2eedc407593909730982e08209211ba34d29cd9b5212bd20839f7d8c259346ff4f96c548ae538af4301b84a5a7a6929568faf872f80bac6691ed551d405
ssdeep: 12288:c9LcIe7RHLm3Ne8P/XUU+OpFwLi0VFA6i0VFAe0i0VFA6tD:c9oRq9NP/XUyQLiGFA6iGFAe0iGFA6F
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: *本程序最终解释权归兵联互创(SUIC)所有* *版权归属兵联互创* *请勿用于任何商业用途*
FileVersion: 2.0.2.0
CompanyName: 兵联互创|尘兵
Comments: 兵联互创|尘兵
ProductName: Compete-King Launcher
ProductVersion: 2.0.2.0
FileDescription: 竞技之王2.0版本登陆器
Translation: 0x0804 0x04b0

BScope.Backdoor.Netthief also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Password-Stealer ( 004db2ff1 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader23.38132
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Gimemo.16898
ALYac: Gen:Malware.Heur.1.!copidmbe!.nr0@baRqyKmb
Cylance: Unsafe
Zillya: Trojan.Generic.Win32.312
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (D)
K7GW: Password-Stealer ( 004db2ff1 )
Cybereason: malicious.d9d187
Cyren: W32/Virut.X.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: FileRepMalware
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Malware.Heur.1.!copidmbe!.nr0@baRqyKmb
MicroWorld-eScan: Gen:Malware.Heur.1.!copidmbe!.nr0@baRqyKmb
Tencent: Win32.Trojan.Pe.Pdbx
Ad-Aware: Gen:Malware.Heur.1.!copidmbe!.nr0@baRqyKmb
Sophos: W32/Scribble-B
Comodo: Virus.Win32.Virut.CE@5jedjj
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: PE_VIRUX.S-4
McAfee-GW-Edition: BehavesLike.Win32.Generic.tm
FireEye: Generic.mg.b525dc4d9d187c68
Emsisoft: Gen:Malware.Heur.1.!copidmbe!.nr0@baRqyKmb (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Patched.Ren.Gen3
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.20F29BC
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Gen:Malware.Heur.1.!copidmbe!.E7E8B0
GData: Gen:Malware.Heur.1.!copidmbe!.nr0@baRqyKmb
McAfee: Artemis!B525DC4D9D18
MAX: malware (ai score=80)
VBA32: BScope.Backdoor.Netthief
Malwarebytes: Trojan.MalPack.FlyStudio
TrendMicro-HouseCall: PE_VIRUX.S-4
Yandex: Trojan.GenAsa!BNGnMp2A7+Y
Ikarus: Trojan.Win32.Scar
AVG: FileRepMalware
Paloalto: generic.ml

How to remove BScope.Backdoor.Netthief?

BScope.Backdoor.Netthief removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
