Glupteba.Backdoor.Bruteforce.DDS information

Glupteba.Backdoor.Bruteforce.DDS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Glupteba.Backdoor.Bruteforce.DDS virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional language used in binary resources: Serbian
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Glupteba.Backdoor.Bruteforce.DDS?

File Info:

crc32: A4EB20D3
md5: a7ef3660b5b7d5e430e4940b19582c60
name: A7EF3660B5B7D5E430E4940B19582C60.mlw
sha1: ecaac059a5ca16beb5dfd41ea92a98355924690c
sha256: db2d641b1a96b0b1dbaa96ea47d36d8cfe14aea247eac1283fd3bebbf81fbb3b
sha512: 8cb0cefc4bba0aff601aa17cfd1fb4daefe974eefae5521e5971fdff873ac04fbfb1515358f4484349fef3680c1b00e267c225574020074c4b9419ba21ff027e
ssdeep: 6144:6IQgomllhL+ejFzzT6jnNKPqR8stXhxhC/jZ2wghadVuBgSl:tljTRC0PWfxhC/j0wcWUBg
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

InternalName: triwilbifor.occ
FileVersion: 6.26.341
Copyright: Copyrighz (C) 2020, wodkagudy
ProductVersion: 1.13.21
TranslationUsa: 0x0173 0x00e1

Glupteba.Backdoor.Bruteforce.DDS also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.45482155
ALYac: Trojan.GenericKD.45482155
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Trojan ( 005763941 )
Alibaba: Backdoor:Win32/Azorult.68fc4e8e
K7GW: Trojan ( 005763941 )
Cybereason: malicious.9a5ca1
Cyren: W32/Trojan.UBRI-4851
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packed.Fugrafa-9821776-0
Kaspersky: Trojan.Win32.Zenpak.beop
BitDefender: Trojan.GenericKD.45482155
ViRobot: Trojan.Win32.Z.Kryptik.330240.UL
Rising: Trojan.Kryptik!1.D106 (CLASSIC)
Ad-Aware: Trojan.GenericKD.45482155
Emsisoft: Trojan.Crypt (A)
Comodo: Malware@#1r2ezj05n7y61
F-Secure: Trojan.TR/Crypt.Agent.cneko
DrWeb: Trojan.DownLoader36.35410
Zillya: Trojan.Kryptik.Win32.2828725
TrendMicro: Trojan.Win32.MALREP.THAAEBA
McAfee-GW-Edition: BehavesLike.Win32.RansomGandCrab.fc
FireEye: Generic.mg.a7ef3660b5b7d5e4
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.45482155
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.Agent.cneko
eGambit: Unsafe.AI_Score_97%
Kingsoft: Win32.Troj.Undef.(kcloud)
Gridinsoft: Trojan.Win32.Packed.oa
Arcabit: Trojan.Generic.D2B600AB
ZoneAlarm: Trojan.Win32.Zenpak.beop
Microsoft: Trojan:Win32/Azorult.MT!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C4301824
Acronis: suspicious
McAfee: GenericRXAA-AA!A7EF3660B5B7
VBA32: BScope.Trojan.Azorult
Malwarebytes: Glupteba.Backdoor.Bruteforce.DDS
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Kryptik.HIVF
TrendMicro-HouseCall: Trojan.Win32.MALREP.THAAEBA
Tencent: Win32.Trojan.Zenpak.Lpln
Ikarus: Trojan.MalPack
Fortinet: W32/Kryptik.HIRY!tr
BitDefenderTheta: Gen:NN.ZexaF.34780.umKfa4l7fXjG
AVG: Win32:BotX-gen [Trj]
Avast: Win32:BotX-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Generic/HEUR/QVM11.1.A4EB.Malware.Gen

How to remove Glupteba.Backdoor.Bruteforce.DDS?

Glupteba.Backdoor.Bruteforce.DDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.