Crypt.Trojan.Malicious.DDS malicious file

Crypt.Trojan.Malicious.DDS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Crypt.Trojan.Malicious.DDS virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Crypt.Trojan.Malicious.DDS?

File Info:

name: 5D6216CD1F5F4334B642.mlw
path: /opt/CAPEv2/storage/binaries/d37925e24c565c89648129c4e9174a941cccafe9923d55a1d8b00177928792a9
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Crypt.Trojan.Malicious.DDS also known as:

Elastic: malicious (high confidence)
FireEye: Generic.mg.5d6216cd1f5f4334
McAfee: GenericRXAA-FA!5D6216CD1F5F
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0058c5ff1 )
K7GW: Trojan ( 0058c5ff1 )
CrowdStrike: win/malicious_confidence_100% (D)
Baidu: Win32.Backdoor.Padodor.a
Cyren: W32/Kryptik.DCC.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.HITO
APEX: Malicious
Cynet: Malicious (score: 100)
Avast: Win32:Padodor-S [Trj]
Tencent: Trojan.Win32.Copak.hb
Sophos: Troj/Agent-BGZJ
DrWeb: Trojan.Packed2.43250
TrendMicro: PAK_Xed-10
McAfee-GW-Edition: BehavesLike.Win32.Generic.fm
Ikarus: Trojan.Kryptik
GData: Win32.Trojan.Agent.14Q7MT
Avira: HEUR/AGEN.1200606
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Microsoft: Trojan:Win32/Injector.RAQ!MTB
Google: Detected
AhnLab-V3: Malware/Win32.Generic.R369371
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.36308.umZ@aqxLbnk
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Crypt.Trojan.Malicious.DDS
TrendMicro-HouseCall: PAK_Xed-10
Rising: Backdoor.Berbew!1.AE6C (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Kryptik.HITO!tr
AVG: Win32:Padodor-S [Trj]
Cybereason: malicious.02cd7f

How to remove Crypt.Trojan.Malicious.DDS?

Crypt.Trojan.Malicious.DDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.