Dropped:Generic.Application.BAT.Disabler.A.67DD42AA removal

Dropped:Generic.Application.BAT.Disabler.A.67DD42AA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Dropped:Generic.Application.BAT.Disabler.A.67DD42AA virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • A cryptomining command was executed
  • Deletes executed files from disk
  • Attempts to disable Windows Defender
  • Attempts to disable Windows Defender logging
  • Attempts to remove Windows Defender from context menu
  • Created a service that was not started
  • Uses suspicious command line tools or Windows utilities

How to identify Dropped:Generic.Application.BAT.Disabler.A.67DD42AA?


File Info:

name: F962628BDEEA7557AE61.mlw
path: /opt/CAPEv2/storage/binaries/202ad65f3956cde4764d1a789c3bac46a8b9dca3203c783a1efdc058bd94022f
crc32: 954D04F9
md5: f962628bdeea7557ae61ea61b3e8bd51
sha1: ebec33d67bd123146341e02690637f8a40234f27
sha256: 202ad65f3956cde4764d1a789c3bac46a8b9dca3203c783a1efdc058bd94022f
sha512: 51c552e057010c759ead1f4ead26477d14a2190f3f3c620e16dad9d06c37d3f82cc8508ac0e6f0febb1715e241ebabf2ffaa9170540ef376d7b878f0368abcb7
ssdeep: 98304:nktEDt0k984nukQYxQFKWRw3hmXsFALcQUkfL3BIdw48phwTpb+:np0k98caxFLRyhulUkD3BIP8b6b+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12A163395F3D022A3F6F00B346165163E3D616A67DF40F8C353A83B7A6972291253A3BD
sha3_384: 111eb4897fd96effeb3867c8f5c1a8c821a567066053613fddce52bc3a49c0731a8e99d3a67a59ce51507f90984f8bd1
ep_bytes: 68ac00000068000000006810804100e8
timestamp: 2019-07-30 08:52:50

Version Info:

0: [No Data]

Dropped:Generic.Application.BAT.Disabler.A.67DD42AA is also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Tiny.trFe
tehtris: Generic.Malware
MicroWorld-eScan: Dropped:Generic.Application.BAT.Disabler.A.67DD42AA
FireEye: Generic.mg.f962628bdeea7557
ALYac: Dropped:Generic.Application.BAT.Disabler.A.67DD42AA
Cylance: Unsafe
VIPRE: Dropped:Generic.Application.BAT.Disabler.A.67DD42AA
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (W)
Alibaba: Trojan:BAT/KillAV.03a0dbc5
K7GW: Trojan ( 0059526e1 )
K7AntiVirus: Trojan ( 0059526e1 )
VirIT: Trojan.Win32.Genus.IHW
Cyren: W32/Trojan.VFBA-8001
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: BAT/KillAV.NGB
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.BAT.KillAV.gen
BitDefender: Dropped:Generic.Application.BAT.Disabler.A.67DD42AA
Avast: FileRepMalware
Tencent: Win32.Trojan.Generic.Ctgl
Ad-Aware: Dropped:Generic.Application.BAT.Disabler.A.67DD42AA
Emsisoft: Dropped:Generic.Application.BAT.Disabler.A.67DD42AA (B)
Zillya: Tool.Lazagne.Win32.102
McAfee-GW-Edition: BehavesLike.Win32.Dropper.rc
Sophos: Mal/Generic-S
Ikarus: Trojan.BAT.KillAV
GData: Dropped:Generic.Application.BAT.Disabler.A.67DD42AA
Avira: BAT/KillAV.rwsjq
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Generic.ASMalwS.50F5
Arcabit: Generic.Application.BAT.Disabler.A.67DD42AA
ZoneAlarm: HEUR:Trojan.BAT.KillAV.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4556237
McAfee: Artemis!F962628BDEEA
Malwarebytes: Malware.AI.392946571
TrendMicro-HouseCall: TROJ_GEN.R002H0CI522
Rising: Trojan.Generic@AI.100 (RDML:Rs+rlVSH8J533ByMkkG11A)
Yandex: Trojan.Agent!aeas9nB5qAQ
SentinelOne: Static AI – Malicious PE
Fortinet: Adware/KillAV
AVG: FileRepMalware
Cybereason: malicious.bdeea7
Panda: Trj/CI.A

How to remove Dropped:Generic.Application.BAT.Disabler.A.67DD42AA?

Dropped:Generic.Application.BAT.Disabler.A.67DD42AA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
