Troj/Mdrop-JTO malicious file

Troj/Mdrop-JTO is the Sophos detection name for this sample, a Windows trojan dropper that most of the engines listed further down also flag as malicious. While the infection is active you may notice unfamiliar processes in the Task Manager list. If you see that, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and may damage the system in the process. We recommend GridinSoft Anti-Malware for removal; it lets you run a full scan and clean the PC during the trial period.
6-day free trial available.

What can Troj/Mdrop-JTO do?

Static and behavioural indicators raised by automated sandbox analysis of the sample:

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Mimics icon used for popular non-executable file format
  • Anomalous binary characteristics

How to identify Troj/Mdrop-JTO?


File Info:

name: 8FBB6BA8A4186C655341.mlw
path: /opt/CAPEv2/storage/binaries/4596f97715d07f8e0bc2c476c74a8f9916b837a9cb64f3dedf7bf4c2072cf865
crc32: C00918B2
md5: 8fbb6ba8a4186c655341743e03a04f72
sha1: b9560e2ffd5fcf331e6559c1a17265d80254e729
sha256: 4596f97715d07f8e0bc2c476c74a8f9916b837a9cb64f3dedf7bf4c2072cf865
sha512: 4551ef2412aac677170a6c93250de325bc89bb1c2b19b8f24868a213e16e08e01ee29c7e1a68f92989b15460d71d2efe40c605b6dbb6541a5e7abef16e96ef1b
ssdeep: 24576:uaOMMf/95wLSaiKpHTeDLZmM18UZmijN4L0kGjg:uaOMMfuJiKUXZmk3ZmijN4LxGjg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A825E102F98042B0C5D52A725C7E45420B76AEAB41E9ED9721C8B70A3973D11D73ABFE
sha3_384: 359d1d2eef5a4c33e6a8beec8c741b8903db64d3f2dd22a2257c75d22af0a6fb74f7b0d09dd875dec453a4719a7873f0
ep_bytes: e8ff190000e97ffeffff3b0da0404100
timestamp: 2011-05-16 04:20:07
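The File Info fields above (hashes, ep_bytes, timestamp) and several of the indicators in the previous list (overlay data, an unknown PE section name, the presence of an Authenticode entry) can be checked on any workstation without a sandbox. The script below is an added example, not code from this page or from GridinSoft: it uses only the Python standard library, handles PE32 images only, and builds a small PE in memory as a constructed fixture (the section names, the appended overlay bytes and the compile timestamp are chosen for the demonstration; the fixture is not the sample described here). It reports whether a certificate table is present but does not validate the signature, and it does not parse the version-info resource strings.

```python
"""Static PE32 triage with only the Python standard library.

Added example, not code from the original page: reproduces the File Info hashes
and checks overlay data, non-standard section names, entry-point bytes, the
compile timestamp and whether an Authenticode certificate table is present.
Headers only: nothing is unpacked and no signature is validated. The PE built
below is a constructed in-memory fixture, not the sample described on the page.
"""
import datetime
import hashlib
import struct

# Section names the usual Windows toolchains emit; anything else is reported,
# which is the "unknown PE section name" indicator listed above.
KNOWN_SECTIONS = {b".text", b".rdata", b".data", b".idata", b".edata", b".rsrc",
                  b".reloc", b".bss", b".tls", b".pdata", b".CRT", b".xdata"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # DataDirectory slot of the certificate table


def file_hashes(data: bytes) -> dict:
    """md5 / sha1 / sha256 of the whole file, as listed under File Info."""
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")}


def triage(data: bytes) -> dict:
    """Parse the DOS, COFF and optional headers plus the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 handled here (PE32+ shifts the directory offsets)")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # DataDirectory starts at offset 96 of a PE32 optional header, 8 bytes per slot.
    cert_off, cert_size = struct.unpack_from("<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)

    sections = []  # (name, VirtualAddress, VirtualSize, PointerToRawData, SizeOfRawData)
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", data, hdr + 8)
        sections.append((data[hdr:hdr + 8].rstrip(b"\0"), vaddr, vsize, raw_ptr, raw_size))

    # Overlay = bytes past the last section's raw data. A certificate table also
    # lives there, so a signed file has an overlay too; read this with the other flags.
    end_of_sections = max((p + s for _, _, _, p, s in sections), default=0)
    overlay = max(len(data) - end_of_sections, 0)

    ep_bytes = b""  # map AddressOfEntryPoint to a file offset, like the ep_bytes field
    for _, vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= entry_rva < vaddr + max(vsize, raw_size):
            ep_bytes = data[raw_ptr + entry_rva - vaddr:][:16]
            break

    names = [s[0].decode("latin-1") for s in sections]
    when = datetime.datetime.fromtimestamp(timestamp, datetime.timezone.utc)
    return {
        "machine": hex(machine),
        "timestamp": when.strftime("%Y-%m-%d %H:%M:%S"),
        "sections": names,
        "unknown_sections": [n for n in names if n.encode("latin-1") not in KNOWN_SECTIONS],
        "overlay_bytes": overlay,
        "ep_bytes": ep_bytes.hex(),
        "has_certificate_table": cert_off != 0 and cert_size != 0,
    }


def build_pe(section_names, ep_code=b"\x55\x8b\xec", overlay=b"", timestamp=0, cert_blob=b"") -> bytes:
    """Minimal PE32 fixture: 0x200 bytes of headers, one 0x200-byte block per section, then cert blob and overlay."""
    align = 0x200
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)             # Magic: PE32
    struct.pack_into("<I", opt, 16, 0x1000)           # AddressOfEntryPoint: first section
    struct.pack_into("<I", opt, 28, 0x400000)         # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, align)   # SectionAlignment, FileAlignment
    struct.pack_into("<I", opt, 60, align)            # SizeOfHeaders
    struct.pack_into("<H", opt, 68, 2)                # Subsystem: Windows GUI
    struct.pack_into("<I", opt, 92, 16)               # NumberOfRvaAndSizes
    table, body = b"", b""
    for i, name in enumerate(section_names):
        table += name.ljust(8, b"\0") + struct.pack("<IIII", 0x1000, 0x1000 * (i + 1), align, align * (i + 1))
        table += struct.pack("<IIHHI", 0, 0, 0, 0, 0x60000020)   # no relocs/linenos; CODE|EXECUTE|READ
        body += (ep_code if i == 0 else name).ljust(align, b"\0")
    if cert_blob:  # the security directory holds a file offset, not an RVA
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, align + len(body), len(cert_blob))
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), timestamp, 0, 0, len(opt), 0x0102)
    headers = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0" + coff + bytes(opt) + table
    return headers.ljust(align, b"\0") + body + cert_blob + overlay


def demo() -> dict:
    """Fixture with a packer-style section, an appended blob and no signature."""
    pe = build_pe([b".text", b"UPX1", b".rsrc"], overlay=b"CONFIG-BLOB" * 10, timestamp=1305519607)
    return {**triage(pe), "hashes": file_hashes(pe)}


if __name__ == "__main__":
    import json
    print(json.dumps(demo(), indent=2))
```

Running the script prints the triage record for the fixture: the UPX1 section is reported as unknown, 110 bytes of overlay are found past the last section, and the entry-point bytes and compile timestamp are shown in the same form as the File Info block. To triage a real file, replace the fixture with `open(path, "rb").read()`. Because an Authenticode certificate table is stored after the last section, a legitimately signed binary also shows overlay bytes, so treat overlay as an indicator only together with the other flags, and validate a signature with a dedicated tool such as `signtool verify` rather than by its presence.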

Version Info (resource strings set by whoever built the file; these claim to be Microsoft Word 2010, which the invalid Authenticode signature and the mimicked document icon above contradict):

CompanyName: Microsoft Corporation
FileDescription: Microsoft Word
FileVersion: 14.0.6024.1000
InternalName: WinWord
LegalCopyright: © 2010 Microsoft Corporation. All rights reserved.
LegalTrademarks1: Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2: Windows® is a registered trademark of Microsoft Corporation.
OriginalFilename: WinWord.exe
ProductName: Microsoft Office 2010
ProductVersion: 14.0.6024.1000
Translation: 0x0000 0x04e4

Troj/Mdrop-JTO is also detected as (vendor: detection name):

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKDZ.98267
ClamAV: Win.Malware.Facido-9768987-0
Skyhigh: BehavesLike.Win32.Generic.dc
McAfee: GenericRXMT-FC!8FBB6BA8A418
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.Agent.Win32.3743711
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005490181 )
K7GW: Trojan ( 005490181 )
CrowdStrike: win/malicious_confidence_100% (D)
Arcabit: Trojan.Generic.D17FDB
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.RTY
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.GenericKDZ.98267
NANO-Antivirus: Trojan.Win32.Fakealert.fhnukn
Avast: Win32:DropperX-gen [Drp]
Tencent: Trojan-Dropper.Win32.Agent.kg
Emsisoft: Trojan.GenericKDZ.98267 (B)
F-Secure: Trojan.TR/Crypt.ZPACK.Gen2
DrWeb: Trojan.Fakealert.58572
VIPRE: Trojan.GenericKDZ.98267
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.8fbb6ba8a4186c65
Sophos: Troj/Mdrop-JTO
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.hrsto
Google: Detected
Avira: TR/Crypt.ZPACK.Gen2
MAX: malware (ai score=89)
Antiy-AVL: Trojan[Dropper]/Win32.Facido
Xcitium: TrojWare.Win32.TrojanDropper.Facido.A@7d50kc
Microsoft: TrojanDropper:Win32/Facido.A!bit
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Win32.Trojan.PSE.18RDAY1
Varist: W32/FakeAlert.AEG.gen!Eldorado
AhnLab-V3: Dropper/Win.Generic.R562080
Acronis: suspicious
VBA32: BScope.TrojanDropper.Agent
ALYac: Trojan.GenericKDZ.98267
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Dropper.Agent!1.B38C (CLASSIC)
Yandex: Trojan.Agent!9JkGJus7ezo
Ikarus: Trojan-Dropper.Win32.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.RTY!tr
BitDefenderTheta: Gen:NN.ZexaF.36792.843@ayV3NWci
AVG: Win32:DropperX-gen [Drp]
Cybereason: malicious.ffd5fc
DeepInstinct: MALICIOUS

How to remove Troj/Mdrop-JTO?

Troj/Mdrop-JTO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart the computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.