
QQTen.Spyware.Stealer.DDS removal instructions

QQTen.Spyware.Stealer.DDS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the QQTen.Spyware.Stealer.DDS virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify QQTen.Spyware.Stealer.DDS?


File Info:


Version Info:

  • FileVersion: 1.0.0.0
  • FileDescription: 易语言程序
  • ProductName: 易语言程序
  • ProductVersion: 1.0.0.0
  • LegalCopyright: 作者版权所有 请尊重并使用正版
  • Comments: 本程序使用易语言编写(http://www.eyuyan.com)
  • Translation: 0x0804 0x04b0

QQTen.Spyware.Stealer.DDS also known as:

Bkav W32.AIDetectMalware
Lionic Trojan.Multi.Generic.muUy
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Heur.PWSIME.2
FireEye Generic.mg.7f7128d5ee685c6d
ALYac Gen:Heur.PWSIME.2
Cylance unsafe
Sangfor Suspicious.Win32.Save.ins
K7AntiVirus Trojan ( 005246d51 )
Alibaba Worm:Win32/Siggen.074eafbb
K7GW Trojan ( 005246d51 )
Cybereason malicious.5ee685
BitDefenderTheta Gen:NN.ZexaF.36196.Cr0@aOydA3lb
Cyren W32/Trojan.GRW.gen!Eldorado
tehtris Generic.Malware
ESET-NOD32 a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX Malicious
Paloalto generic.ml
ClamAV Win.Worm.Autorun-5224
Kaspersky not-a-virus:UDS:RiskTool.Win32.IMEStartup.ah
BitDefender Gen:Heur.PWSIME.2
Avast Win32:TrojanX-gen [Trj]
Sophos Generic Reputation PUA (PUA)
Baidu Win32.Trojan.FakeIME.d
VIPRE Gen:Heur.PWSIME.2
TrendMicro TROJ_GEN.R011C0WBM23
McAfee-GW-Edition BehavesLike.Win32.Generic.tm
Trapmine suspicious.low.ml.score
Emsisoft Application.Generic (A)
Ikarus Trojan.Siggen
GData Win32.Trojan.PSE.15MOKEC
Jiangmin RiskTool.IMEStartup.fgx
Google Detected
Antiy-AVL Trojan/Win32.FlyStudio.a
Xcitium Worm.Win32.Dropper.RA@1qraug
Arcabit Trojan.PWSIME.2
ZoneAlarm not-a-virus:UDS:RiskTool.Win32.IMEStartup.ah
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Malware/Win32.RL_Generic.R366174
McAfee GenericRXAA-AA!7F7128D5EE68
MAX malware (ai score=84)
VBA32 BScope.Trojan.Wacatac
Malwarebytes QQTen.Spyware.Stealer.DDS
TrendMicro-HouseCall TROJ_GEN.R011C0WBM23
Rising Trojan.Generic@AI.95 (RDML:bIyKTdoPsnV0AUb4OoZypQ)
SentinelOne Static AI – Malicious PE
Fortinet W32/CoinMiner.PHP!tr
AVG Win32:TrojanX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_70% (D)

How to remove QQTen.Spyware.Stealer.DDS?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
