Trojan.Ppatre removal

Trojan.Ppatre is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Ppatre virus do?

  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

Related domains:

huyontop.com

How to identify Trojan.Ppatre?


File Info:

crc32: 55182577
md5: b9344fe0f84af3b7cf77348b931433e4
name: B9344FE0F84AF3B7CF77348B931433E4.mlw
sha1: 4b065b71363aa68f5dd6738a40bd5b3c84b19286
sha256: ce43c829c3d750d173f320cc9bb9b597266ddb3713c770db0ef3c2af24c4cf10
sha512: aa7653f5ac8a665a88c00a801cde923dfbc0585f8fb71f2db588f3ee1af94b4163a253622e065380f0fb4c233cf81c3880e1d1f563811ec96d437e0006d48067
ssdeep: 96:QtTcnngncTXghZd5WeOU4GQsPbkfL0fdlHguXVPLajki23LfYh:QpGWcTQvbqFzKbELcAuXVD17M
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Trojan.Ppatre also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Ppatre.Gen.1
FireEye: Generic.mg.b9344fe0f84af3b7
CAT-QuickHeal: Trojan.Ppatre
McAfee: GenericRXLV-NU!B9344FE0F84A
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Generic.a!e
Sangfor: Malware
K7AntiVirus: Trojan-Downloader ( 0053178a1 )
BitDefender: Trojan.Ppatre.Gen.1
K7GW: Trojan-Downloader ( 0053178a1 )
Cybereason: malicious.0f84af
BitDefenderTheta: AI:Packer.DD8AEA1E1D
Cyren: W32/Upatre.LR.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Waski.AJ
APEX: Malicious
Avast: Win32:TrojanX-gen [Trj]
Kaspersky: Trojan-Downloader.Win32.Small.gen
Alibaba: TrojanDownloader:Win32/Upatre.78996ef0
NANO-Antivirus: Trojan.Win32.Waski.fhukzj
Ad-Aware: Trojan.Ppatre.Gen.1
Sophos: Mal/Generic-R + Troj/Upatre-XO
Comodo: TrojWare.Win32.TrojanDownloader.Upatre.AX@7t0ehr
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.DownLoader10.8528
Zillya: Downloader.Waski.Win32.8646
TrendMicro: TROJ_UPATRE.SM37
McAfee-GW-Edition: BehavesLike.Win32.Generic.zt
Emsisoft: Trojan.Ppatre.Gen.1 (B)
Ikarus: Trojan-Downloader.Upatre
Jiangmin: Trojan.Generic.cdnmu
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Win32.AGeneric
Microsoft: TrojanDownloader:Win32/Upatre.A
Arcabit: Trojan.Ppatre.Gen.1
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
AhnLab-V3: Trojan/Win32.Upatre.R256307
ZoneAlarm: Trojan-Downloader.Win32.Small.gen
GData: Win32.Trojan-Downloader.Upatre.BJ
Cynet: Malicious (score: 100)
Acronis: suspicious
VBA32: Trojan.Downloader
ALYac: Trojan.Ppatre.Gen.1
Malwarebytes: Upatre.Trojan.Downloader.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_UPATRE.SM37
Rising: Downloader.Waski!8.184 (TFE:5:86rDnqRTsYH)
Yandex: Trojan.GenAsa!w6f6bF9mr2E
SentinelOne: Static AI – Malicious PE – Downloader
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Tiny.NIV!tr
AVG: Win32:TrojanX-gen [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: HEUR/QVM19.1.F3A3.Malware.Gen

How to remove Trojan.Ppatre?

Trojan.Ppatre removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.