Should I remove “Trojan-Dropper.Win32.Dapato.rcbg”?

Trojan-Dropper.Win32.Dapato.rcbg is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Dapato.rcbg virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Trojan-Dropper.Win32.Dapato.rcbg?


File Info:

name: 0E0304720F4D9E6C4B9D.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-12-22 16:25:23

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Hydronic Industry Alliance
FileDescription: Building Efficiency System Tool
FileVersion: 6.0.0.0
InternalName: Building Efficiency System Tool.exe
LegalCopyright: 2019-2021
LegalTrademarks: Building Efficiency System Tool
OriginalFilename: Building Efficiency System Tool.exe
ProductName: BEST
ProductVersion: 6.0.0.0
Assembly Version: 6.0.0.0

Trojan-Dropper.Win32.Dapato.rcbg also known as:

Lionic: Trojan.Win32.Dapato.b!c
MicroWorld-eScan: Trojan.GenericKD.62326386
FireEye: Trojan.GenericKD.62326386
CAT-QuickHeal: TrojanDropper.Dapato
McAfee: Artemis!0E0304720F4D
Cylance: Unsafe
VIPRE: Trojan.GenericKD.62326386
Sangfor: Dropper.Win32.Agent.Vuke
Kaspersky: Trojan-Dropper.Win32.Dapato.rcbg
BitDefender: Trojan.GenericKD.62326386
Avast: FileRepMalware
Tencent: Win32.Trojan-Dropper.Dapato.Gjgl
Ad-Aware: Trojan.GenericKD.62326386
Sophos: Mal/Generic-S
McAfee-GW-Edition: Artemis
Emsisoft: Trojan.GenericKD.62326386 (B)
GData: Trojan.GenericKD.62326386
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.35
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Dropper/Win.DropperX-gen.C5242610
ALYac: Trojan.GenericKD.62326386
VBA32: Malware-Cryptor.MSIL.AgentTesla.Heur
Malwarebytes: MachineLearning/Anomalous.100%
TrendMicro-HouseCall: TROJ_GEN.R002H07IS22
Rising: Dropper.Dapato!8.2A2 (CLOUD)
Fortinet: PossibleThreat
AVG: FileRepMalware
Panda: Trj/Chgt.AD

How to remove Trojan-Dropper.Win32.Dapato.rcbg?

Trojan-Dropper.Win32.Dapato.rcbg removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
