Trojan

Trojan-Dropper.Win32.Dropback.cs malicious file

Malware Removal

The Trojan-Dropper.Win32.Dropback.cs is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan-Dropper.Win32.Dropback.cs virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Attempts to delete volume shadow copies
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

How to determine Trojan-Dropper.Win32.Dropback.cs?



File Info:

crc32: 4E5BB1E4
md5: b1f9461378a69494e459bbc5703252f8
name: B1F9461378A69494E459BBC5703252F8.mlw
sha1: d6373445d34b4556bc7c0d42a00c661705a3e014
sha256: 7454b33f809a1e95d4f10f9fb8a79be539cb3294df3bd98cf96adb29583461a7
sha512: b0c3479c10246c32d667666d2ab80abb2c22489475cb0b164a710f0f7839fa966209c5b3e6b0347cfb36ab930e6fa3e2e5d3f62a79d6bf35255eb61ee589e09f
ssdeep: 12288:PjWw1Lryy4MZHM6xQg5qrqAFB9XeFe5YCplZlNH2jzblHRv:PjB1Lryy42HM6xQTqAFjec5YCpvH2j9
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: (C)Info-ZIP 2007-2015 
InternalName: Codetypedeclaration Deserialize
FileVersion: 5.3.25.8
CompanyName: Info-ZIP
LegalTrademarks: (C)Info-ZIP 2007-2015 
Comments: Electronic Leveraging Offload Connmgr
ProductName: Codetypedeclaration Deserialize
ProductVersion: 5.3.25.8
FileDescription: Electronic Leveraging Offload Connmgr
OriginalFilename: Codetypedeclaration Deserialize.exe
Translation: 0x0409 0x04b0

Trojan-Dropper.Win32.Dropback.cs also known as:

BkavW32.AIDetect.malware2
K7AntiVirusTrojan ( 00519f781 )
Elasticmalicious (high confidence)
CynetMalicious (score: 100)
ALYacTrojan.Ransom.Crysis
CylanceUnsafe
ZillyaTrojan.Dropback.Win32.16
SangforTrojan.Win32.Malware.gen
CrowdStrikewin/malicious_confidence_100% (W)
AlibabaTrojanDropper:Win32/Dropback.cde20036
K7GWTrojan ( 00519f781 )
Cybereasonmalicious.378a69
CyrenW32/Crysis.CUJV-6895
SymantecML.Attribute.HighConfidence
ESET-NOD32Win32/Filecoder.Crysis.P
APEXMalicious
AvastOther:Malware-gen [Trj]
KasperskyTrojan-Dropper.Win32.Dropback.cs
BitDefenderTrojan.GenericKD.42748342
NANO-AntivirusTrojan.Win32.Dropback.hjehlp
MicroWorld-eScanTrojan.GenericKD.42748342
TencentWin32.Trojan.Filecoder.Pgmr
Ad-AwareTrojan.GenericKD.42748342
SophosMal/Generic-S
ComodoMalware@#ji0r3foaotiq
BitDefenderThetaGen:NN.ZexaF.34266.SC0@aOsGCDpi
VIPREWin32.Malware!Drop
TrendMicroTrojan.Win32.SKEEYAH.WLDC
McAfee-GW-EditionBehavesLike.Win32.Rootkit.bh
FireEyeGeneric.mg.b1f9461378a69494
EmsisoftTrojan.GenericKD.42748342 (B)
WebrootW32.Adware.Gen
AviraTR/Ransom.Crysis.decxk
eGambitUnsafe.AI_Score_100%
Antiy-AVLTrojan/Generic.ASMalwS.300E24E
MicrosoftTrojan:Win32/Skeeyah.A!MTB
GDataWin32.Trojan.Agent.2DL3YU
AhnLab-V3Malware/Win32.Generic.C4003727
McAfeeArtemis!B1F9461378A6
MAXmalware (ai score=100)
VBA32BScope.Trojan.Weelsof
PandaTrj/WLT.F
TrendMicro-HouseCallTrojan.Win32.SKEEYAH.WLDC
RisingTrojan.Generic@ML.92 (RDMK:l5bCQ7v6kB84tZAJWgGBsA)
IkarusTrojan-Ransom.Crysis
MaxSecureTrojan.Malware.82434296.susgen
FortinetW32/Crysis.P!tr.ransom
AVGOther:Malware-gen [Trj]
Paloaltogeneric.ml

How to remove Trojan-Dropper.Win32.Dropback.cs?

Trojan-Dropper.Win32.Dropback.cs removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment