Categories: Backdoor

Qbot.Backdoor.Stealer.DDS information

The Qbot.Backdoor.Stealer.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Qbot.Backdoor.Stealer.DDS virus can do?

Injection (inter-process)
Executable code extraction
Injection with CreateRemoteThread in a remote process
Creates RWX memory
A process attempted to delay the analysis task.
Reads data out of its own binary image
Uses Windows utilities for basic functionality
Detects Sandboxie through the presence of a library
A potential decoy document was displayed to the user
Checks the version of Bios, possibly for anti-virtualization
Attempts to modify proxy settings
Collects information to fingerprint the system

Related domains:

www.selfdislikedfarfet.site

How to determine Qbot.Backdoor.Stealer.DDS?


File Info:
crc32: BE849C61md5: 89409a36250c77cfcef7c4d1f3d23c18name: 89409A36250C77CFCEF7C4D1F3D23C18.mlwsha1: fe5b8eb015b65b4b704b9e11ac08bbc790d2e3c9sha256: dd2331810e231094aca2081105635e2a11c7bcf58ac0d6c85938f8f64f58b544sha512: b551a83f66beafee9dae462dd59b80e7f05f32ef01772c2e234a125af6083c2d5f5f90c0945b2a687b4d60b769d3f43949cedd2fb3eab8ae0cd666fbfffc014cssdeep: 12288:Y5+wR1NxCPSb7UpACyipwIg2BLPHJo/IB/v3wcoxP5Eg7XEqpMgC8MV8we6H:vwRDspDyipjLPmllw2MgAV8B6Htype: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Version Info:
0: [No Data]

Qbot.Backdoor.Stealer.DDS also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Application.Bundler.AKZ
FireEye	Generic.mg.89409a36250c77cf
CAT-QuickHeal	Trojan.Agent
ALYac	Application.Bundler.AKZ
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan ( 005107741 )
BitDefender	Application.Bundler.AKZ
K7GW	Trojan ( 0051119f1 )
Cybereason	malicious.6250c7
Baidu	Win32.Trojan.Kryptik.blo
Cyren	W32/S-646139ac!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Adware-gen [Adw]
Kaspersky	not-a-virus:HEUR:Downloader.Win32.Generic
NANO-Antivirus	Trojan.Win32.AdLoad.eqopqm
AegisLab	Trojan.Win32.Generic.4!c
Rising	Trojan.Kryptik!1.ABD9 (CLASSIC)
Ad-Aware	Application.Bundler.AKZ
Emsisoft	Application.Bundler.AKZ (B)
Comodo	Application.Win32.AdLoad.FTZY@75b6kz
F-Secure	Adware.ADWARE/AD.Amonetize
DrWeb	Trojan.Amonetize.14386
Zillya	Downloader.Adload.Win32.93
McAfee-GW-Edition	BehavesLike.Win32.Generic.bh
Sophos	Amonetize (PUA)
Ikarus	PUA.Bundler
Jiangmin	Downloader.AdLoad.mmn
Avira	ADWARE/AD.Amonetize.vnqay
eGambit	Unsafe.AI_Score_87%
MAX	malware (ai score=77)
Antiy-AVL	RiskWare[Downloader]/Win32.AdLoad
Microsoft	TrojanDownloader:Win32/Adload.AG!MTB
Arcabit	Application.Bundler.AKZ
SUPERAntiSpyware	PUP.Amonetize/Variant
ZoneAlarm	not-a-virus:HEUR:Downloader.Win32.Generic
GData	Application.Bundler.AKZ
Cynet	Malicious (score: 100)
AhnLab-V3	PUP/Win32.Amonetize.R203704
Acronis	suspicious
McAfee	Adware-InstCap
VBA32	Malware-Cryptor.General.3
Malwarebytes	Qbot.Backdoor.Stealer.DDS
Panda	Trj/Genetic.gen
ESET-NOD32	a variant of Win32/Kryptik.FUBS
Tencent	Malware.Win32.Gencirc.10b3209d
Yandex	Trojan.GenAsa!A2rXc3HC2nI
SentinelOne	Static AI – Malicious PE – Adware
Fortinet	W32/Kryptik.FWHN!tr
BitDefenderTheta	Gen:NN.ZexaF.34804.SSW@aacchhci
AVG	Win32:Adware-gen [Adw]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	Win32/Virus.Downloader.13f