Trojan-Dropper.Win32.Daws.eqwm removal

Trojan-Dropper.Win32.Daws.eqwm is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Daws.eqwm virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Uses suspicious command line tools or Windows utilities

How to determine Trojan-Dropper.Win32.Daws.eqwm?


File Info:

name: C6D1351197B73AF520D4.mlw
path: /opt/CAPEv2/storage/binaries/f4edc83964c677b191a1d642ec8dfd248e154b6406b91c5d7e9bace70aa3e67b
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-03-09 11:09:06

Version Info:

Translation: 0x0804 0x04b0
CompanyName: Skystars Corporation
ProductName: 工程1
FileVersion: 1.00
ProductVersion: 1.00
InternalName: ntdllaaa
OriginalFilename: ntdllaaa.exe

Trojan-Dropper.Win32.Daws.eqwm also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.c6d1351197b73af5
McAfee: Artemis!C6D1351197B7
Cylance: Unsafe
Zillya: Dropper.Daws.Win32.14239
K7AntiVirus: P2PWorm ( 0055376b1 )
K7GW: P2PWorm ( 0055376b1 )
Cybereason: malicious.197b73
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/VB.SUG
APEX: Malicious
Kaspersky: Trojan-Dropper.Win32.Daws.eqwm
BitDefender: Gen:Variant.Ursu.398051
NANO-Antivirus: Trojan.Win32.Daws.fnxrjw
MicroWorld-eScan: Gen:Variant.Ursu.398051
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.10b25656
Ad-Aware: Gen:Variant.Ursu.398051
Sophos: Mal/Generic-S
DrWeb: Trojan.MulDrop9.4876
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Trojan.Win32.FLOODRUN.AA
McAfee-GW-Edition: BehavesLike.Win32.BadFile.mz
Emsisoft: Gen:Variant.Ursu.398051 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Ursu.398051
Jiangmin: Trojan.Generic.dbnse
Avira: HEUR/AGEN.1124484
MAX: malware (ai score=87)
Antiy-AVL: Trojan/Generic.ASMalwS.2AD0ED0
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Trojan/Win32.VBKrypt.R258560
BitDefenderTheta: Gen:NN.ZevbaF.34062.bm0@aeow1Acb
ALYac: Gen:Variant.Ursu.398051
VBA32: TrojanDropper.Daws
TrendMicro-HouseCall: Trojan.Win32.FLOODRUN.AA
Yandex: Trojan.DR.Daws!3LE9GY5O4/A
Ikarus: Trojan.NewHeur_VB_Trojan
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Daws.EQWM!tr
Webroot: W32.Trojan.Gen
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A

How to remove Trojan-Dropper.Win32.Daws.eqwm?

Trojan-Dropper.Win32.Daws.eqwm removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
