About “Trojan-Downloader.Win32.Upatre.jfrd” infection

The Trojan-Downloader.Win32.Upatre.jfrd is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
A 6-day free trial is available.

What can the Trojan-Downloader.Win32.Upatre.jfrd virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid

How to identify Trojan-Downloader.Win32.Upatre.jfrd?

File Info:

name: 0DB073CDBCFB129BD54A.mlw
path: /opt/CAPEv2/storage/binaries/7222f240704d6184b9e4e1b4292cdef9a0b9d24af8c826c2e94c01a713e8610f
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-06-15 16:44:28

Version Info:

0: [No Data]

Trojan-Downloader.Win32.Upatre.jfrd also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
FireEye: Generic.mg.0db073cdbcfb129b
Cylance: Unsafe
K7AntiVirus: Trojan ( 7000001c1 )
Alibaba: TrojanDownloader:Win32/Upatre.0d4f35e8
K7GW: Trojan ( 7000001c1 )
Cybereason: malicious.7a9f52
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.VMProtect.SN
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Downloader.Win32.Upatre.jfrd
Avast: FileRepMalware [Misc]
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.high.ml.score
Sophos: Mal/VMProtBad-A
SentinelOne: Static AI – Malicious PE
GData: MSIL.Trojan-Stealer.GinzoStealer.KOV1QR
Avira: HEUR/AGEN.1210633
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win32.RL_ConvertAd.R362678
Acronis: suspicious
McAfee: Artemis!0DB073CDBCFB
VBA32: BScope.Trojan.Vigorf
Malwarebytes: Malware.Heuristic.1003
Rising: Trojan.Generic@AI.90 (RDMK:cmRtazq+qhNd2epyuITrD6DFNEjf)
Yandex: Trojan.GenAsa!F7GxKnMDlbs
Ikarus: Trojan.Win32.VMProtect
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.34742.@xY@aKUBzD
AVG: FileRepMalware [Misc]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Trojan-Downloader.Win32.Upatre.jfrd?

Trojan-Downloader.Win32.Upatre.jfrd removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.