
Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0 (file analysis)

Malware Removal

Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0 virus do?

  • Sample contains Overlay data
  • Creates an indicator observed in Territorial Disputes report SIG40
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0?


File Info:

name: 932D922DFE1125580E6B.mlw
path: /opt/CAPEv2/storage/binaries/22a6da9b98b7922dff3ef685fadbcf19da2e5c15e59c85967e5bac9036d2aaf0
crc32: 055B4958
md5: 932d922dfe1125580e6b8ba4b1a80aff
sha1: 083b9c8f9a2fb0ca181e6057adb512c357222417
sha256: 22a6da9b98b7922dff3ef685fadbcf19da2e5c15e59c85967e5bac9036d2aaf0
sha512: fd3fda430e3412939dca97b9a27f2b213dae60aea6c4c6a57cae7b5f1a822f14ce0123e793b9b836b54da3a4d31ba79315c5818dbe3d0ed8bc52da4dde8b0be2
ssdeep: 3072:eo0tRNpj3gTLHRAUAEQGBcHN0OlaxP3DZyN/+oeRpxPdZFibDyxn:e/RNpj3KxLAHj05xP3DZyN1eRppzcexn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T118E34B1AB245C7BEC6830FB6360A99D5B3199139D3798DB0245CCC2D1367E2CA3FA791
sha3_384: a74a3117155d6f326f22cbdc623d301f915afa89858bcca4cf6bd02e4953e64f1fa6aea6be02800e9bcf9605a174806e
ep_bytes: 906090909090b8001040009090bbd08e
timestamp: 1972-09-27 00:00:00

Version Info:

0: [No Data]

Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0 also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0
ClamAV: Win.Trojan.Crypted-30
FireEye: Generic.mg.932d922dfe112558
CAT-QuickHeal: Backdoor.Berbew.A6.MUE
ALYac: Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
K7GW: Trojan ( 005780dd1 )
Cybereason: malicious.dfe112
Baidu: Win32.Trojan-Spy.Quart.a
VirIT: Worm.Win32.Berbew.G
Cyren: W32/Qukart.L.gen!Eldorado
Symantec: Backdoor.Berbew.F
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Spy.Qukart
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Proxy.Win32.Qukart.gen
BitDefender: Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0
NANO-Antivirus: Trojan.Win32.Qukart.fokxzm
Avast: Win32:TrojanX-gen [Trj]
Tencent: Trojan-Ransom.Win32.Pornoasset.a
TACHYON: Backdoor/W32.Padodor
Sophos: Troj/Padodo-Gen
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.Siggen13.42746
VIPRE: Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0
McAfee-GW-Edition: BehavesLike.Win32.Generic.cm
Trapmine: malicious.high.ml.score
Emsisoft: Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0 (B)
Ikarus: Trojan-Spy.Win32.Qukart
GData: Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0
Jiangmin: Trojan.Generic.dzrgt
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Arcabit: Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0
ZoneAlarm: Trojan-Proxy.Win32.Qukart.gen
Microsoft: Trojan:Win32/Vindor!pz
Google: Detected
AhnLab-V3: Win-Trojan/Berbew.51712
McAfee: GenericRXVP-YB!932D922DFE11
MAX: malware (ai score=88)
VBA32: BScope.Backdoor.Berbew
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
Rising: Backdoor.Berbew!1.AE0A (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Qukart.A!tr
BitDefenderTheta: AI:Packer.A3320B7E21
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0?

Generic.Dacic.1.Backdoor.Hangup.A.E2A64DC0 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
