How to remove “Doris.10933”?

Doris.10933 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Doris.10933 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Doris.10933?


File Info:

name: B7B789D5B8FF6FB872E5.mlw
path: /opt/CAPEv2/storage/binaries/db333f6fc3abcbac0109893afd07dae99fccc5cbc2794cdc756d2ef53b4c8fce
crc32: DA179116
md5: b7b789d5b8ff6fb872e5edccdd6b38d8
sha1: 4a8f4dbdb3116961a80247d45c70492961af70e6
sha256: db333f6fc3abcbac0109893afd07dae99fccc5cbc2794cdc756d2ef53b4c8fce
sha512: 10034394345eb5ab58af9061f8ea30da133c25edf7231cf1216bd96c21df62bf5b01a13c10243ca2866a565a4f2127f838530003a5ba43966af405e5b3a59a1d
ssdeep: 384:FxP3E7Hh1GFNrEz3VHHsqxRN3wTZp2oQq:DPU7H+4DVHtZwTZ4o
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F72BE63F6C919E7D1E7453730758B63CB05E5183B93C7AB2E051C68CDA56A88C28B54
sha3_384: 4fd35f30224b96c3ede0ed108a9eff20e2b0e284b014228cc0388db25df39ca9b6d188e9ad083b252b7556ccbb89e614
ep_bytes: 60be15f040008dbeeb1fffff5783cdff
timestamp: 2008-07-18 21:06:06

Version Info:

CompanyName: Cargo Manager Systems, Inc.
FileDescription: GGL Backup Server
FileVersion: 1,0,0,0
LegalCopyright: 2008
Translation: 0x0000 0x0000

Doris.10933 also known as:

MicroWorld-eScan: Gen:Variant.Doris.10933
FireEye: Generic.mg.b7b789d5b8ff6fb8
CAT-QuickHeal: Trojan.GenericPMF.S1625602
ALYac: Gen:Variant.Doris.10933
Cylance: Unsafe
APEX: Malicious
BitDefender: Gen:Variant.Doris.10933
SUPERAntiSpyware: Trojan.Agent/Generic
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.10b3d552
Ad-Aware: Gen:Variant.Doris.10933
Emsisoft: Gen:Variant.Doris.10933 (B)
Comodo: TrojWare.Win32.TrojanDropper.Agent.~ZCA@go3n
Sophos: Generic ML PUA (PUA)
GData: Gen:Variant.Doris.10933
Jiangmin: Trojan/BAT.KillWin.a
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.1B8DD6
Kingsoft: Heur.SSC.2626987.1216.(kcloud)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
Rising: Trojan.Win32.Agent.a (CLASSIC)
Yandex: Trojan.GenAsa!Q+O4UmmrDn8
Fortinet: W32/KillWin.BQ!tr
AVG: Win32:Malware-gen
MaxSecure: Trojan.Malware.300983.susgen

How to remove Doris.10933?

Doris.10933 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
