
Trojan-Dropper.Win32.Dapato.qdst (file analysis)


Trojan-Dropper.Win32.Dapato.qdst is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Dapato.qdst virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself

How to identify Trojan-Dropper.Win32.Dapato.qdst?


File Info:

crc32: 7244744B
md5: e2342dbaac48d30a7551854a6d301e5e
name: buts.exe
sha1: b84a644f5bbb9ce665f8341cbbade9347b33be35
sha256: f3cd206aa585f3324aedcd551239fbf25ef82fe7791cea4720b6549109836924
sha512: 94394faf6b5bda1928c682bb6fcdfb1108ad787506c3924c4631c44ac1beeefacce46f0ee2919cf4d079d1eb35ff50050e45d2bd073f9f91336de10810800d42
ssdeep: 12288:KvXkPb2qaFWzjWpqZA9rQ+7mpcVrubjW6Q:KvqbI8ZqrQ+7OcVr1x
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2000-2001
InternalName: SafeClean
FileVersion: 0.01 ALPHA
CompanyName: Nexus CompuSoft Tech.
PrivateBuild: nO PUBLICILY BUILD
LegalTrademarks: NCT ou NxNT ( Nexus Networks)
Comments: This Software is bought to you by Nexus CompuSoft Tech. Programmer : Balkrishna Talele.
ProductName: SafeClean Application
SpecialBuild: Yeh! Build with Haka noodles and pepper mint.
ProductVersion: 0.01 ALPHA
FileDescription: SafeClean MFC Application
OriginalFilename: SafeClean.EXE
Translation: 0x0409 0x04b0

Trojan-Dropper.Win32.Dapato.qdst also known as:

Bkav: W32.AIDetectVM.malware2
DrWeb: Trojan.Inject3.36216
MicroWorld-eScan: Trojan.GenericKD.33539593
CAT-QuickHeal: TrojanDropper.Dapato
Qihoo-360: Win32/Trojan.Dropper.c0e
McAfee: Artemis!E2342DBAAC48
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Dapato.b!c
K7AntiVirus: Trojan ( 005626121 )
BitDefender: Trojan.GenericKD.33539593
K7GW: Trojan ( 005626121 )
Symantec: Trojan.Gen.MBT
APEX: Malicious
Avast: Win32:BankerX-gen [Trj]
GData: Trojan.GenericKD.33539593
Kaspersky: Trojan-Dropper.Win32.Dapato.qdst
Alibaba: TrojanDropper:Win32/dropper.ali1003001
Rising: Dropper.Dapato!8.2A2 (CLOUD)
Ad-Aware: Trojan.GenericKD.33539593
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/AD.TrickBot.ijyud
McAfee-GW-Edition: Artemis
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.GenericKD.33539593 (B)
Ikarus: Trojan.Win32.Krypt
Avira: TR/AD.TrickBot.ijyud
Antiy-AVL: Trojan[Dropper]/Win32.Dapato
Arcabit: Trojan.Generic.D1FFC609
ZoneAlarm: Trojan-Dropper.Win32.Dapato.qdst
Microsoft: Trojan:Win32/Tiggre!rfn
MAX: malware (ai score=100)
Malwarebytes: Trojan.MalPack
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/GenKryptik.EGDR
TrendMicro-HouseCall: TROJ_GEN.R011H0CCE20
Tencent: Win32.Trojan-dropper.Dapato.Ahea
Fortinet: W32/Kryptik.HBQI!tr
AVG: Win32:BankerX-gen [Trj]
MaxSecure: Trojan.Malware.77515293.susgen

How to remove Trojan-Dropper.Win32.Dapato.qdst?

Trojan-Dropper.Win32.Dapato.qdst removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
