What is “Trojan.Downloader.amGfamDQTTf”?

Trojan.Downloader.amGfamDQTTf is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Downloader.amGfamDQTTf virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Downloader.amGfamDQTTf?


File Info:

name: 94B540447445A7ACFB2A.mlw
path: /opt/CAPEv2/storage/binaries/a7df14c95fdfc31fa04ea7aa223073cb9d68db94b5d53410520b8658402a8f52
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Trojan.Downloader.amGfamDQTTf also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Delf.a!c
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 100)
CMC: Generic.Win32.94b5404474!MD
Skyhigh: BehavesLike.Win32.Generic.zc
McAfee: Artemis!94B540447445
Cylance: unsafe
Zillya: Downloader.Delf.Win32.13497
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 7000000f1 )
BitDefender: Gen:Trojan.Downloader.amGfamDQTTf
K7GW: Trojan ( 7000000f1 )
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: Trojan.Qhosts
ESET-NOD32: Win32/TrojanDownloader.SMW.A
APEX: Malicious
ClamAV: Win.Downloader.14824-1
Kaspersky: Trojan-Downloader.Win32.Delf.aas
Alibaba: TrojanDownloader:Win32/DelpDldr.f8bd005c
MicroWorld-eScan: Gen:Trojan.Downloader.amGfamDQTTf
Rising: Downloader.Generic!8.141 (TFE:5:tdbYkRH9PhU)
Emsisoft: Gen:Trojan.Downloader.amGfamDQTTf (B)
F-Secure: Trojan.TR/Dldr.Delphi.Gen
DrWeb: Trojan.DownLoader.46800
VIPRE: Gen:Trojan.Downloader.amGfamDQTTf
TrendMicro: TROJ_DELF.LGX
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.94b540447445a7ac
Sophos: Mal/DelpDldr-B
SentinelOne: Static AI – Malicious PE
GData: Gen:Trojan.Downloader.amGfamDQTTf
Jiangmin: TrojanDownloader.Small.cf
Webroot: W32.Trojan.Trojan-Downloader.Ge
Varist: W32/Downloader-Sml!Eldorado
Avira: TR/Dldr.Delphi.Gen
Antiy-AVL: Trojan[Downloader]/Win32.Delf
Kingsoft: Win32.Troj.Undef.a
Xcitium: TrojWare.Win32.TrojanDownloader.SMW.A@1i3c
Arcabit: Trojan.Downloader.amGfamDQTTf
ViRobot: Trojan.Win32.Downloader.9216.AO
ZoneAlarm: Trojan-Downloader.Win32.Delf.aas
Microsoft: Trojan:Win32/Comame!gmb
Google: Detected
ALYac: Spyware.OnlineGames
MAX: malware (ai score=100)
DeepInstinct: MALICIOUS
VBA32: Trojan-Downloader.Win32.Small.102210
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/Legmir.ATU
TrendMicro-HouseCall: TROJ_DELF.LGX
Tencent: Win32.Trojan-Downloader.Delf.Jflw
Yandex: Trojan.GenAsa!1J6LTRSkLmA
Ikarus: Trojan-Downloader.Win32.Delf.aas
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Banload.UCL!tr.dldr
BitDefenderTheta: AI:Packer.DD1DDD291E
AVG: Win32:Trojan-gen
Cybereason: malicious.ca756c
Avast: Win32:Trojan-gen

How to remove Trojan.Downloader.amGfamDQTTf?

Trojan.Downloader.amGfamDQTTf removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
