Surubat.Backdoor.Bot.DDS removal

The Surubat.Backdoor.Bot.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Surubat.Backdoor.Bot.DDS virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Surubat.Backdoor.Bot.DDS?


File Info:
name: EA03F3D7EF12F173EEE7.mlw
path: /opt/CAPEv2/storage/binaries/4766c85d21e1b1b96e810b981bd2dde9a1b3f18aad2c0365f71b194fdd62e95f
crc32: 159C9D13
md5: ea03f3d7ef12f173eee7be7790d6458d
sha1: 1cb38139110552d3b74440d291b082a8e024ef8d
sha256: 4766c85d21e1b1b96e810b981bd2dde9a1b3f18aad2c0365f71b194fdd62e95f
sha512: 25cd6748f853ea19a9ee342babde81a2aa0e843b0cfdf17b36ee908da2b87a2de87a31be2d42c8d2913813d4220c7d733242973baf82c892b9bd3a7ad213d08f
ssdeep: 1536:EGjuPg3YP4cdTEu+ECZZpBqPDQQVgd54v/oqPD:EGC43DkTv+XZZpBqPDQL7soqPD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FE740A42F3965CA2EE18917215132AB28BD71E11565EEA163224FFBB7CB30DC5E1E343
sha3_384: be70a4854f15d1b1426092a234e4aca0236a7ec543078306899857ba3a285db835c0f7c7cc6efc1b16f9cdafe8a14d6b
ep_bytes: 00000000000000000000000000000000
timestamp: 2006-08-10 12:16:57

Version Info:
0: [No Data]

Surubat.Backdoor.Bot.DDS also known as:

Lionic	Trojan.Win32.Generic.4!c
ClamAV	Win.Trojan.Generic-9907673-0
FireEye	Generic.mg.ea03f3d7ef12f173
Malwarebytes	Surubat.Backdoor.Bot.DDS
Sangfor	Suspicious.Win32.Save.ins
Alibaba	Backdoor:Win32/IRCBot.7168f3c9
Cybereason	malicious.911055
Cyren	W32/KeyIso.A.gen!Eldorado
Elastic	malicious (high confidence)
APEX	Malicious
Cynet	Malicious (score: 100)
Avast	Win32:IRCBot-ANZ [Trj]
F-Secure	Backdoor.BDS/Agent.193537
McAfee-GW-Edition	BehavesLike.Win32.Generic.fm
Trapmine	malicious.high.ml.score
Sophos	Generic ML PUA (PUA)
Ikarus	Backdoor.Win32.IRCBot
Avira	BDS/Agent.193537
Antiy-AVL	Trojan/Win32.Ditertag
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
Acronis	suspicious
McAfee	Artemis!EA03F3D7EF12
Rising	Trojan.Generic@AI.98 (RDML:riioHn9haHS4RCwBhTmWTA)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/KeyIso.A!tr
AVG	Win32:IRCBot-ANZ [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Surubat.Backdoor.Bot.DDS?

Surubat.Backdoor.Bot.DDS removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X