Categories: Trojan

Trojan-Dropper.Win32.Dropback.cs malicious file

The Trojan-Dropper.Win32.Dropback.cs is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan-Dropper.Win32.Dropback.cs virus can do?

Executable code extraction
Creates RWX memory
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Reads data out of its own binary image
The binary likely contains encrypted or compressed data.
Attempts to delete volume shadow copies
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
Installs itself for autorun at Windows startup
Creates a hidden or system file
Creates a copy of itself
Uses suspicious command line tools or Windows utilities

How to determine Trojan-Dropper.Win32.Dropback.cs?


File Info:
crc32: 4E5BB1E4md5: b1f9461378a69494e459bbc5703252f8name: B1F9461378A69494E459BBC5703252F8.mlwsha1: d6373445d34b4556bc7c0d42a00c661705a3e014sha256: 7454b33f809a1e95d4f10f9fb8a79be539cb3294df3bd98cf96adb29583461a7sha512: b0c3479c10246c32d667666d2ab80abb2c22489475cb0b164a710f0f7839fa966209c5b3e6b0347cfb36ab930e6fa3e2e5d3f62a79d6bf35255eb61ee589e09fssdeep: 12288:PjWw1Lryy4MZHM6xQg5qrqAFB9XeFe5YCplZlNH2jzblHRv:PjB1Lryy42HM6xQTqAFjec5YCpvH2j9type: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: (C)Info-ZIP 2007-2015 InternalName: Codetypedeclaration DeserializeFileVersion: 5.3.25.8CompanyName: Info-ZIPLegalTrademarks: (C)Info-ZIP 2007-2015 Comments: Electronic Leveraging Offload ConnmgrProductName: Codetypedeclaration DeserializeProductVersion: 5.3.25.8FileDescription: Electronic Leveraging Offload ConnmgrOriginalFilename: Codetypedeclaration Deserialize.exeTranslation: 0x0409 0x04b0

Trojan-Dropper.Win32.Dropback.cs also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 00519f781 )
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Trojan.Ransom.Crysis
Cylance	Unsafe
Zillya	Trojan.Dropback.Win32.16
Sangfor	Trojan.Win32.Malware.gen
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	TrojanDropper:Win32/Dropback.cde20036
K7GW	Trojan ( 00519f781 )
Cybereason	malicious.378a69
Cyren	W32/Crysis.CUJV-6895
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/Filecoder.Crysis.P
APEX	Malicious
Avast	Other:Malware-gen [Trj]
Kaspersky	Trojan-Dropper.Win32.Dropback.cs
BitDefender	Trojan.GenericKD.42748342
NANO-Antivirus	Trojan.Win32.Dropback.hjehlp
MicroWorld-eScan	Trojan.GenericKD.42748342
Tencent	Win32.Trojan.Filecoder.Pgmr
Ad-Aware	Trojan.GenericKD.42748342
Sophos	Mal/Generic-S
Comodo	Malware@#ji0r3foaotiq
BitDefenderTheta	Gen:NN.ZexaF.34266.SC0@aOsGCDpi
VIPRE	Win32.Malware!Drop
TrendMicro	Trojan.Win32.SKEEYAH.WLDC
McAfee-GW-Edition	BehavesLike.Win32.Rootkit.bh
FireEye	Generic.mg.b1f9461378a69494
Emsisoft	Trojan.GenericKD.42748342 (B)
Webroot	W32.Adware.Gen
Avira	TR/Ransom.Crysis.decxk
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Trojan/Generic.ASMalwS.300E24E
Microsoft	Trojan:Win32/Skeeyah.A!MTB
GData	Win32.Trojan.Agent.2DL3YU
AhnLab-V3	Malware/Win32.Generic.C4003727
McAfee	Artemis!B1F9461378A6
MAX	malware (ai score=100)
VBA32	BScope.Trojan.Weelsof
Panda	Trj/WLT.F
TrendMicro-HouseCall	Trojan.Win32.SKEEYAH.WLDC
Rising	Trojan.Generic@ML.92 (RDMK:l5bCQ7v6kB84tZAJWgGBsA)
Ikarus	Trojan-Ransom.Crysis
MaxSecure	Trojan.Malware.82434296.susgen
Fortinet	W32/Crysis.P!tr.ransom
AVG	Other:Malware-gen [Trj]
Paloalto	generic.ml