Backdoor

Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14 (file analysis)


Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14 virus do?

  • Sample contains Overlay data
  • Creates an indicator observed in Territorial Disputes report SIG40
  • Uses Windows utilities for basic functionality
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14?

File Info:

name: F4602E37177F315141AC.mlw
path: /opt/CAPEv2/storage/binaries/aabc616dda55e750a70c90c95f4a39770789169ac97238d04b677bbc3668b4b0
crc32: 5F389AC6
md5: f4602e37177f315141acf6bb97c0595d
sha1: 3e6f753ca2d7ff59cacee32530e6871b4bfd3f2b
sha256: aabc616dda55e750a70c90c95f4a39770789169ac97238d04b677bbc3668b4b0
sha512: 2be9b968de92f052386819e0f7f24769ea61f821f81cd3c9370f4a88bb88b58added984eff2eeaf1dfa91d7eb4c4efbda180b1caeeab309441975a12d4c93eef
ssdeep: 24576:VG3RfyvzecvHPh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2EvZHp3oWAU:VuRfyvKcvXbazR0vKLXZ6U
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B6759D13FA57A933C09B2275227F9F31906DC8F58F2345E309989AF1AAB12C356743E5
sha3_384: a74e1f58f0a7609a362fb9642e6373b159404babf34980a90ec0536b2e0e0cd135a7420a96be9087b695469c786475a7
ep_bytes: 90909090906090b80010400090bb6c8f
timestamp: 2021-04-04 22:06:51

Version Info:

0: [No Data]

Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Berbew.h!c
tehtris: Generic.Malware
MicroWorld-eScan: Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14
FireEye: Generic.mg.f4602e37177f3151
CAT-QuickHeal: Backdoor.Berbew.A6.MUE
Skyhigh: BehavesLike.Win32.Generic.tc
ALYac: Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
BitDefender: Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14
K7GW: Trojan ( 005780dd1 )
Cybereason: malicious.ca2d7f
Arcabit: Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14
BitDefenderTheta: AI:Packer.ABFF2A9921
VirIT: Worm.Win32.Berbew.G
Symantec: Backdoor.Berbew.F
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Padodor.NAX
APEX: Malicious
Kaspersky: Trojan-Proxy.Win32.Qukart.gen
Alibaba: Backdoor:Win32/Berbew.36d
NANO-Antivirus: Trojan.Win32.Qukart.fokxzm
ViRobot: Trojan.Win.Z.Qukart.1613574.COD
Rising: Backdoor.Berbew!1.AE0A (CLASSIC)
Sophos: Troj/Padodo-Fam
Baidu: Win32.Trojan-Spy.Quart.a
F-Secure: Trojan.TR/Crypt.XDR.Gen
DrWeb: BackDoor.HangUp.43791
Zillya: Trojan.Padodor.Win32.344895
TrendMicro: TROJ_GEN.R03BC0CK923
Trapmine: malicious.high.ml.score
Emsisoft: Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14 (B)
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=85)
Jiangmin: Trojan.Generic.dzrgt
Google: Detected
Avira: TR/Crypt.XDR.Gen
Varist: W32/Agent.HJI.gen!Eldorado
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Kingsoft: malware.kb.a.998
Microsoft: Backdoor:Win32/Berbew.AA!MTB
ZoneAlarm: Trojan-Proxy.Win32.Qukart.gen
GData: Win32.Trojan.PSE.11RRK8R
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
McAfee: Trojan-FVOJ!F4602E37177F
TACHYON: Backdoor/W32.Padodor
DeepInstinct: MALICIOUS
VBA32: BScope.Backdoor.Berbew
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R03BC0CK923
Tencent: Trojan-Ransom.Win32.Pornoasset.a
Yandex: Trojan.PR.Qukart!7x4N/APncCU
Ikarus: Trojan-Spy.Win32.Qukart
MaxSecure: Proxy.Qukart.gen
Fortinet: W32/GenKryptik.BJQV!tr
AVG: Win32:TrojanX-gen [Trj]
Avast: Win32:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14?

Generic.Dacic.1.Backdoor.Hangup.A.9C8F9A14 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
