RemoteAdmin.Win32.NetCat information

Malware Removal

RemoteAdmin.Win32.NetCat is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the RemoteAdmin.Win32.NetCat virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Detected Armadillo packer using a known registry key
  • Anomalous binary characteristics

How to identify RemoteAdmin.Win32.NetCat?


File Info:

name: D0ECC1DB965FF6351C20.mlw
path: /opt/CAPEv2/storage/binaries/8ef26c67f91c78dc23bf9ef9106faf22f2a8cc2f8fcc877b0e4f4c293c64781d
crc32: AC5029F1
md5: d0ecc1db965ff6351c20f561c965bb62
sha1: 8044393238bc848ef5949c7454a60cce5cf7c750
sha256: 8ef26c67f91c78dc23bf9ef9106faf22f2a8cc2f8fcc877b0e4f4c293c64781d
sha512: c8b581536bed244fda883f93a464f6fbe7788377f8c98f0220f7d737dbf487cfa1564810efb27a25eef774f067968a315c6274d86283a84fa388ef6fde16adda
ssdeep: 3072:e2bgFyNXECeWeSNWIxOP5+cJ97bHg753k+pBDJda46pDwJ0i8vv3844B6V:7g9XS48OxM046qEv384Gq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11904120CCFA26D2AE4067476590EFC6B612CEC37F0362B471ED45F5A6DA6A87AC30543
sha3_384: 73709cae61917cd56acb8b2a9d2c94743f34bf635a6d778e52ac914c1df908e7ce4b60ab9d6357c907ff12e2d0ff9161
ep_bytes: 55be00604a008dbe00b0f5ff5783cdff
timestamp: 2023-04-09 01:33:56

Version Info:

Comments:
CompanyName: The Silicon Realms Toolworks
FileDescription: The Armadillo Software Protection System
FileVersion: 2.00
InternalName: Armadillo
LegalCopyright: Copyright © 1999-2001 by Chad Nelson and the Silicon Realms Toolworks. All rights reserved.
LegalTrademarks:
OriginalFilename: Armadillo.exe
PrivateBuild:
ProductName: Armadillo
ProductVersion: 2.00
SpecialBuild:
Translation: 0x0409 0x04b0

RemoteAdmin.Win32.NetCat also known as:

Lionic: Trojan.Win32.Generic.4!c
ClamAV: Win.Trojan.Agent-526387
Skyhigh: BehavesLike.Win32.Generic.cc
McAfee: Artemis!59D397B82B8C
Sangfor: Trojan.Win32.Dynamer.Vw57
Alibaba: Trojan:Win32/Generic.1523ae55
VirIT: Trojan.Win32.DownLoad.NOO
Symantec: Trojan.Gen.6
Elastic: malicious (moderate confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:RemoteAdmin.Win32.NetCat.gen
DrWeb: Trojan.DownLoad.9166
Trapmine: malicious.high.ml.score
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Malware.Heur
Antiy-AVL: GrayWare/Win32.Kryptik.pe
Kingsoft: Win32.Troj.Unknown.a
Xcitium: Packed.Win32.MUPX.Gen@24tbus
ZoneAlarm: not-a-virus:HEUR:RemoteAdmin.Win32.NetCat.gen
Cylance: unsafe
Panda: Trj/CI.A
Rising: Trojan.Dynamer!8.3A0 (C64:YzY0Oth3uvZutw9Z)
MaxSecure: Trojan.Malware.300983.susgen
DeepInstinct: MALICIOUS

How to remove RemoteAdmin.Win32.NetCat?

RemoteAdmin.Win32.NetCat removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
