Categories: Malware

BScope.Malware-Cryptor.MTA (file analysis)

The BScope.Malware-Cryptor.MTA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What BScope.Malware-Cryptor.MTA virus can do?

Executable code extraction
Presents an Authenticode digital signature
Creates RWX memory
Possible date expiration check, exits too soon after checking local time
A process created a hidden window
Drops a binary and executes it
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
Creates a copy of itself
Anomalous binary characteristics

How to determine BScope.Malware-Cryptor.MTA?


File Info:
crc32: A47D15D7md5: 1797651211ac297e6360cc3978903b8dname: upload_filesha1: 5dce856c0a7cdc631c3e320afc38652421a58c77sha256: 42b5f7c8b613fe91cda144df561ac6d6dbf902d34507fc9d6642e2d06d73a784sha512: 5db8da666ee50922f3bda74b40bb61e6d115d9047e9daea6b8a7177e8ec967bc3b314f81f4adff25a848e7f4f637657bfc6bb55fed93e21cdb15254e5ab88613ssdeep: 6144:qtmAPWRMakhCmPGAVU4yDqkxH/gBnDQHfRYuCo1rXLogRzrFXdA/xoxtFZGgRnT:ZMWCV61Co1LHs/x3aWU1606uyFwBJ1Stype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
0: [No Data]

BScope.Malware-Cryptor.MTA also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.QakBot.36
MicroWorld-eScan	Trojan.GenericKD.34881425
FireEye	Generic.mg.1797651211ac297e
McAfee	W32/PinkSbot-HD!1797651211AC
Cylance	Unsafe
Sangfor	Malware
BitDefender	Trojan.GenericKD.34881425
K7GW	Trojan ( 005703571 )
CrowdStrike	win/malicious_confidence_70% (D)
APEX	Malicious
ClamAV	Win.Packed.Qbot-9782722-0
Kaspersky	Trojan-Spy.Win32.Agent.jyar
Ad-Aware	Trojan.GenericKD.34881425
Invincea	Mal/EncPk-APW
McAfee-GW-Edition	W32/PinkSbot-HD!1797651211AC
Sophos	Mal/EncPk-APW
SentinelOne	DFI – Malicious PE
Avira	TR/AD.Qbot.vkkip
MAX	malware (ai score=80)
Microsoft	Trojan:Win32/Wacatac.D4!ml
Arcabit	Trojan.Generic.D2143F91
ZoneAlarm	Trojan-Spy.Win32.Agent.jyar
GData	Trojan.GenericKD.34881425
VBA32	BScope.Malware-Cryptor.MTA
ALYac	Trojan.GenericKD.34881425
ESET-NOD32	a variant of Win32/Kryptik.HGMS
Rising	Trojan.Kryptik!8.8 (TFE:4:yXjqRwD5NqH)
Ikarus	Trojan.Win32.Crypt
Fortinet	W32/Kryptik.HERT!tr
AVG	FileRepMalware
Cybereason	malicious.c0a7cd
Qihoo-360	Generic/HEUR/QVM19.1.C901.Malware.Gen