What is “Trojan-Dropper.Win32.Dapato.qegh”?

The Trojan-Dropper.Win32.Dapato.qegh is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Dapato.qegh virus do?

  • Executable code extraction
  • Creates RWX memory
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself

How to identify Trojan-Dropper.Win32.Dapato.qegh?


File Info:

crc32: 0100390B
md5: 5102cc533c7eab20d0326356d868b85c
name: tmpae_qu3i6
sha1: 26b36c35485b2b29c902cb95a7e568fe26820642
sha256: cabe009cd930c2f2a9be83f4bc02a61d31b689f8898731eebe3dc5029a00085c
sha512: 468e97bcf3051bc7e04f99fb739bfceb0ba3addc86acd418bd9148673b9b6843ee8fa27d755353f116d2b310d9c442c17b6fcbf077518d1297e177609ae9d884
ssdeep: 12288:5Hp95ME3VUd3+Jh2VEEWzjOpq8hztAD8Y7se8Wwc31J41Q:5lMAUdjEJH7z5wk1OC
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2000-2001
InternalName: SafeClean
FileVersion: 0.01 ALPHA
CompanyName: Nexus CompuSoft Tech.
PrivateBuild: nO PUBLICILY BUILD
LegalTrademarks: NCT ou NxNT ( Nexus Networks)
Comments: This Software is bought to you by Nexus CompuSoft Tech. Programmer : Balkrishna Talele.
ProductName: SafeClean Application
SpecialBuild: Yeh! Build with Haka noodles and pepper mint.
ProductVersion: 0.01 ALPHA
FileDescription: SafeClean MFC Application
OriginalFilename: SafeClean.EXE
Translation: 0x0409 0x04b0

Trojan-Dropper.Win32.Dapato.qegh also known as:

DrWeb: Trojan.Trick.46529
MicroWorld-eScan: Trojan.Agent.ENLF
ALYac: Trojan.Agent.ENLF
Cylance: Unsafe
BitDefender: Trojan.Agent.ENLF
F-Prot: W32/Trickbot.CZ.gen!Eldorado
APEX: Malicious
Avast: Win32:CrypterX-gen [Trj]
GData: Trojan.Agent.ENLF
Kaspersky: Trojan-Dropper.Win32.Dapato.qegh
Ad-Aware: Trojan.Agent.ENLF
Emsisoft: Trojan.Agent.ENLF (B)
F-Secure: Trojan.TR/AD.TrickBot.kgbgo
Trapmine: malicious.high.ml.score
Cyren: W32/Trickbot.CZ.gen!Eldorado
Jiangmin: TrojanDropper.Dapato.abgx
Avira: TR/AD.TrickBot.kgbgo
MAX: malware (ai score=82)
Antiy-AVL: Trojan[Dropper]/Win32.Dapato
Endgame: malicious (high confidence)
Arcabit: Trojan.Agent.ENLF
ZoneAlarm: Trojan-Dropper.Win32.Dapato.qegh
Microsoft: Trojan:Win32/TrickBot.BB!MTB
AhnLab-V3: Trojan/Win32.Agent.C4023690
VBA32: BScope.TrojanDropper.Dapato
Malwarebytes: Trojan.MalPack.TRE.Generic
ESET-NOD32: a variant of Win32/Kryptik.HCCQ
Fortinet: W32/Emotet.BN!tr
Webroot: W32.Trojan.Emotet
AVG: Win32:CrypterX-gen [Trj]

How to remove Trojan-Dropper.Win32.Dapato.qegh?

Trojan-Dropper.Win32.Dapato.qegh removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
