
About “Generic.Trojan.RemotePotato.1.7DC2A19F” infection


The Generic.Trojan.RemotePotato.1.7DC2A19F is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.Trojan.RemotePotato.1.7DC2A19F virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Generic.Trojan.RemotePotato.1.7DC2A19F?

File Info:

name: 675939F86B8573631D68.mlw
path: /opt/CAPEv2/storage/binaries/db511f20a04b1065130fed2951d4c3e68b6f8ecef464b1afa4a63101c934055a
crc32: 62B360A1
md5: 675939f86b8573631d687badf498e515
sha1: d50f4f1e72e44a7d4990e7ee1b95cf3e866a5a7f
sha256: db511f20a04b1065130fed2951d4c3e68b6f8ecef464b1afa4a63101c934055a
sha512: 050c5c418d1259aada0391167cd663fbf76da7fffb402ebc0e8e8fd9ee0867cb934b905e3fd4940e2636d52bb786be9ae42921918ef5a33e62b6d65f139454ef
ssdeep: 1536:cSVqzn4rzBHLxzX/bnICEoW8mtXrx+61YW2DtgCiFsqatPqdEZij5a:Jen+zdFrrpEyabQgYW2DwFOtYEZM
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1A68302870524DAF8CD1A4BBCA4020E750362660AE4ECCB88B9C2559DFF3B9E5D4EE147
sha3_384: 097bcf9dc517f309ec1f179e91a2029e1a8ab13678bf4c9daeb15f79d3e30cca0f80707769b3c146baa7277439125fde
ep_bytes: 53565755488d3545befeff488dbe0020
timestamp: 2021-12-10 11:16:44

Version Info:

0: [No Data]

Generic.Trojan.RemotePotato.1.7DC2A19F also known as:

MicroWorld-eScan: Generic.Trojan.RemotePotato.1.7DC2A19F
ALYac: Generic.Trojan.RemotePotato.1.7DC2A19F
Sangfor: Suspicious.Win32.Save.a
Cybereason: malicious.e72e44
ESET-NOD32: a variant of Win64/HackTool.RoguePotato.A
Kaspersky: HEUR:Exploit.Win64.Kartosh.rem
BitDefender: Generic.Trojan.RemotePotato.1.7DC2A19F
Ad-Aware: Generic.Trojan.RemotePotato.1.7DC2A19F
Emsisoft: Generic.Trojan.RemotePotato.1.7DC2A19F (B)
FireEye: Generic.mg.675939f86b857363
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Generic.Trojan.RemotePotato.1.7DC2A19F
GData: Generic.Trojan.RemotePotato.1.7DC2A19F
Cynet: Malicious (score: 100)
Acronis: suspicious
MAX: malware (ai score=84)
Cylance: Unsafe
APEX: Malicious

How to remove Generic.Trojan.RemotePotato.1.7DC2A19F?

Generic.Trojan.RemotePotato.1.7DC2A19F removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
