What is “Trojan-Dropper.Win32.Scrop.aatv”?

Trojan-Dropper.Win32.Scrop.aatv is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Scrop.aatv virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional binary language: Portuguese (Brazil)
  • Unconventional language used in binary resources: Portuguese (Brazilian)
  • Sniffs keystrokes
  • Checks for the presence of known windows from debuggers and forensic tools
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup

Related domains:

download.centralx.com.br
www.downloadasap.com
www.hidoctor.com.br
centralx.powerline.com.br

How to identify Trojan-Dropper.Win32.Scrop.aatv?

File Info:

crc32: 9BB7AFBB
md5: 06fc0dd1c4e0262744cd8475a9208fd5
name: dabr_hidoctor8020a_85c86n2.exe
sha1: 2464e0a050f981fab488a13502d5c7ac5565f8c3
sha256: 7e990872552e8ffae449f12304f4785e628dcd68f7b97d4adf96f1d04439ef13
sha512: 2db39d98dea8b7d0c6df3e0b4c4b81125d717099964714eef138888e49a69b51bec2093c7aaffa7210975706d18520ba8d62b4f36fa2a58bee665f2ab2537e18
ssdeep: 24576:9A/GdQEfRiHN7iaqCavgYCkS/Tfc8DvGyHa/j:9qEp6tKyX/TTHq
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
InternalName:
FileVersion: 3.1.0.77
CompanyName: Centralx.com Ltda
LegalTrademarks:
Comments:
ProductName:
ProductVersion: 3.1
FileDescription:
OriginalFilename:
Translation: 0x0416 0x04e4

Trojan-Dropper.Win32.Scrop.aatv is also known as:

Symantec: Downloader
Kaspersky: Trojan-Dropper.Win32.Scrop.aatv
Zillya: Dropper.Scrop.Win32.565
ZoneAlarm: Trojan-Dropper.Win32.Scrop.aatv
VBA32: BScope.TrojanDownloader.Banload
Paloalto: generic.ml

How to remove Trojan-Dropper.Win32.Scrop.aatv?

Trojan-Dropper.Win32.Scrop.aatv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
