Trojan

Trojan-GameThief.Win32.Latot.daa malicious file

Malware Removal

The Trojan-GameThief.Win32.Latot.daa is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Trojan-GameThief.Win32.Latot.daa virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

wpad.local-net
www.56561234.com

How to identify Trojan-GameThief.Win32.Latot.daa?

File Info:

name: FFD93F7C41DAB6142D1A.mlw
path: /opt/CAPEv2/storage/binaries/c54f2a2cf198c397af61669d42acfee7c4cc810dbe795f428665adbd43f2c4ae
crc32: 0525AFEF
md5: ffd93f7c41dab6142d1a7ede3205d3bb
sha1: 747d7ca19d6a8fb9176e5d647e9b212a4c6eabda
sha256: c54f2a2cf198c397af61669d42acfee7c4cc810dbe795f428665adbd43f2c4ae
sha512: 2150bdbcb0dcd71843ed67bc55aba863b41b0ac85688e87fbe5ae2c2ed52ffd773bc254b3fd1e235776d8e6767ca9cb125ffd81cca304ddf498a815f1d272142
ssdeep: 384:5VmR1CYKlSqQu+TbMhyc6DMLWEgsoNv0sh6:7mR1CY45QpgycwUWE8Nzw
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1FDC24B0A9F5A40E1FF5680B185778B12D9FA741463E528CF9B60BE961F322D0F17B2C9
sha3_384: 503b3536886c7b73a79d3b8aacc54845f87c78b88e3407b023b657e84ffda71402cd3483fca8186cb7c0f862d95a243e
ep_bytes: 4883ec28e8d30300004883c428e9fefc
timestamp: 2021-07-02 02:11:55

Version Info:

FileVersion: 1, 0, 0, 1
LegalCopyright: Copyright (C) 2017
ProductVersion: 1, 0, 0, 1
Translation: 0x0004 0x04b0

Trojan-GameThief.Win32.Latot.daa also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.37900698
FireEye: Generic.mg.ffd93f7c41dab614
ALYac: Trojan.GenericKD.37900698
Cylance: Unsafe
K7AntiVirus: Trojan-Downloader ( 0057e9021 )
Alibaba: TrojanDownloader:Win32/Latot.edf7efe4
K7GW: Trojan-Downloader ( 0057e9021 )
Cybereason: malicious.19d6a8
Cyren: W64/Latot.A.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win64/TrojanDownloader.Agent.KI
Paloalto: generic.ml
ClamAV: Win.Malware.Latot-9879382-0
Kaspersky: Trojan-GameThief.Win32.Latot.daa
BitDefender: Trojan.GenericKD.37900698
NANO-Antivirus: Trojan.Win32.Small.iwuixp
Avast: Win64:TrojanX-gen [Trj]
Tencent: Malware.Win32.Gencirc.10cf8ca0
Ad-Aware: Trojan.GenericKD.37900698
DrWeb: Trojan.DownLoader44.1947
Zillya: Trojan.Latot.Win32.408
TrendMicro: TROJ_GEN.R002C0WKN21
McAfee-GW-Edition: BehavesLike.Win64.BadFile.mm
Emsisoft: Trojan.GenericKD.37900698 (B)
Ikarus: Trojan-Downloader.Win32.Small
GData: Trojan.GenericKD.37900698
Jiangmin: Trojan.PSW.Latot.jt
Avira: TR/Dldr.Agent.edrdy
Antiy-AVL: Trojan/Generic.ASMalwS.34091E5
Gridinsoft: Ransom.Win64.Sabsik.sa
ViRobot: Trojan.Win32.Z.Latot.25760.A
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R429600
McAfee: GenericRXAA-AA!FFD93F7C41DA
MAX: malware (ai score=81)
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TROJ_GEN.R002C0WKN21
Yandex: Trojan.PWS.Latot!OferzjtSzaQ
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_97%
Fortinet: W64/Agent.KI!tr.dldr
AVG: Win64:TrojanX-gen [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Trojan-GameThief.Win32.Latot.daa?

Trojan-GameThief.Win32.Latot.daa removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
