Should I remove “Trojan-Dropper.Win32.Dapato.rbkk”?

Many security experts consider Trojan-Dropper.Win32.Dapato.rbkk dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Dapato.rbkk virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid

How to identify Trojan-Dropper.Win32.Dapato.rbkk?


File Info:

name: 77F58FB9807D820A8334.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-09-25 21:57:46

Version Info:

0: [No Data]

Trojan-Dropper.Win32.Dapato.rbkk also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Porcupine.4!c
MicroWorld-eScan: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig
FireEye: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig
McAfee: RDN/Generic.dx
Cylance: Unsafe
VIPRE: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig
Sangfor: Trojan.Win32.Agent.Vt98
K7AntiVirus: Riskware ( 00584baa1 )
Alibaba: TrojanDropper:Win32/Dapato.e581fcae
K7GW: Riskware ( 00584baa1 )
Cybereason: malicious.9807d8
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
TrendMicro-HouseCall: TROJ_GEN.R002C0PHE22
Kaspersky: Trojan-Dropper.Win32.Dapato.rbkk
BitDefender: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig
Cynet: Malicious (score: 100)
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-Dropper.Dapato.Aujl
Ad-Aware: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig
TrendMicro: TROJ_GEN.R002C0PHE22
McAfee-GW-Edition: RDN/Generic.dx
Emsisoft: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig (B)
GData: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig
Avira: HEUR/AGEN.1250594
Microsoft: Trojan:Win32/Wacatac.B!ml
ALYac: Gen:Heur.Mint.Porcupine.guX@bqB6x3jig
MAX: malware (ai score=86)
Rising: Trojan.Generic/MSIL@AI.98 (RDM.MSIL:UgCjo99x7/v9Dyt6p6N2uQ)
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Trojan-Dropper.Win32.Dapato.rbkk?

Trojan-Dropper.Win32.Dapato.rbkk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.