Trojan-Dropper.Win32.Dapato.pdxl information

Trojan-Dropper.Win32.Dapato.pdxl is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Dapato.pdxl virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location

How to identify Trojan-Dropper.Win32.Dapato.pdxl?


File Info:

name: 940D17FC63FF844DE837.mlw
path: /opt/CAPEv2/storage/binaries/93a9502d41660a79540809cc1acdf91c465bd8d66751c420d9041e356fc05408
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2011-04-06 00:43:53

Version Info:

CompanyName: QuickSoft
FileDescription: QuickGPSFix for Tomtom
FileVersion: 3.10.00.00
InternalName:
LegalCopyright:
LegalTrademarks:
OriginalFilename: QuickGPSFix-TT.exe
ProductName: QuickGPSFix-TT
ProductVersion: 0. 0. 0. 0
Comments:
Translation: 0x0409 0x04e4

Trojan-Dropper.Win32.Dapato.pdxl also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.lhQR
MicroWorld-eScan: Trojan.GenericKD.46165975
FireEye: Generic.mg.940d17fc63ff844d
ALYac: Trojan.GenericKD.46165975
Alibaba: TrojanDropper:Win32/Dapato.dbbf8839
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R02CH07KQ21
ClamAV: Win.Trojan.648596-1
Kaspersky: Trojan-Dropper.Win32.Dapato.pdxl
BitDefender: Trojan.GenericKD.46165975
Rising: Trojan.Generic@ML.87 (RDML:8OQIm84eLbIvz0XHiZk14Q)
Ad-Aware: Trojan.GenericKD.46165975
Emsisoft: Trojan.GenericKD.46165975 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
Sophos: Mal/Generic-S
Gridinsoft: Ransom.Win32.Gen.sa
Microsoft: Trojan:Win32/Zpevdo.B
ViRobot: Trojan.Win32.Z.Dapato.846848
GData: Trojan.GenericKD.46165975
McAfee: Artemis!940D17FC63FF
VBA32: TrojanDropper.Dapato
APEX: Malicious
Tencent: Trojan.Win32.BitCoinMiner.la
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Dapato.PDXL!tr
Cybereason: malicious.807c01

How to remove Trojan-Dropper.Win32.Dapato.pdxl?

Trojan-Dropper.Win32.Dapato.pdxl removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
