
Trojan.Upatre.Gen.3 removal instruction


Trojan.Upatre.Gen.3 is the name that BitDefender-based engines give to a sample of the Upatre downloader family; most of the other vendors in the detection list below classify the same file as a Trojan-Downloader. Upatre's job is to fetch and run a second-stage payload, so the sample itself is small and is often first noticed as an unfamiliar process in Task Manager. If you see such a process, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and can damage the system in the process. We recommend GridinSoft Anti-Malware for the removal; it can run a full scan and clean the PC during the trial period.
A 6-day free trial is available.

What can Trojan.Upatre.Gen.3 do?

  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Portuguese (Brazilian)
  • The binary likely contains encrypted or compressed data (a packed or obfuscated payload)
  • Looks up the external IP address
  • Mimics icon used for popular non-executable file format
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

Related domains:

icanhazip.com
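The external-IP lookup is the behaviour most worth a detection rule of its own: a downloader that asks icanhazip.com for the machine's public address before fetching its payload is a common precursor to beaconing. The following is an added example, not part of the original page and not GridinSoft's code. It runs that logic over constructed log lines shaped like Sysmon Event ID 22 (DNS query) records; the pipe-separated layout, the allow-list of processes, the extra lookup services beyond icanhazip.com, the paths and the PIDs are all assumptions made for the example (davtil.exe is the OriginalFilename from the Version Info below).

```python
import re

# Domains that return the caller's public IP address. icanhazip.com is the one
# listed on this page; the others are common equivalents (assumption: extend
# the set to match what you see in your own telemetry).
IP_CHECK_DOMAINS = {"icanhazip.com", "ipinfo.io", "api.ipify.org", "checkip.amazonaws.com"}

# Programs that are legitimately allowed to ask for the external address on this
# host (assumption: maintained per environment, compared case-insensitively).
ALLOWED_IMAGES = {r"c:\program files\vpnclient\vpn.exe"}

# Directories an unprivileged user can write to; a lookup from here is rated higher.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\users\\public\\")

# Constructed sample in the shape of Sysmon Event ID 22 (DNS query) fields,
# flattened to UtcTime|Image|QueryName|ProcessId. Not a real capture: the paths,
# PIDs and timestamps are invented for this example.
SAMPLE_LOG = """\
2024-05-01 10:02:11|C:\\Windows\\explorer.exe|login.microsoftonline.com|1208
2024-05-01 10:02:13|C:\\Users\\user\\AppData\\Local\\Temp\\davtil.exe|icanhazip.com|4412
2024-05-01 10:02:15|C:\\Program Files\\VPNClient\\vpn.exe|icanhazip.com|2090
2024-05-01 10:02:40|C:\\ProgramData\\Updater\\svc.exe|ipv4.icanhazip.com|3316
this line is not a DNS record and must be skipped
"""

LINE_RE = re.compile(r"^(?P<time>[^|]+)\|(?P<image>[^|]+)\|(?P<query>[^|]+)\|(?P<pid>\d+)$")


def parse_line(line: str):
    """Return the record as a dict, or None for lines that do not match the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["pid"] = int(rec["pid"])
    return rec


def is_ip_check_query(qname: str) -> bool:
    """True for an IP-check domain or any subdomain of one (e.g. ipv4.icanhazip.com)."""
    q = qname.lower().rstrip(".")
    return any(q == d or q.endswith("." + d) for d in IP_CHECK_DOMAINS)


def detect(log_text: str) -> list:
    """Flag external-IP lookups by processes that are not on the allow-list.

    Severity is 'high' when the querying image lives in a user-writable
    directory (where a downloader is typically dropped), else 'medium'.
    """
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not is_ip_check_query(rec["query"]):
            continue
        image = rec["image"].lower()
        if image in ALLOWED_IMAGES:
            continue
        severity = "high" if any(p in image for p in USER_WRITABLE) else "medium"
        findings.append({"time": rec["time"], "pid": rec["pid"], "image": rec["image"],
                         "query": rec["query"], "severity": severity})
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_LOG):
        print(f"[{f['severity']}] {f['time']} pid={f['pid']} {f['image']} -> {f['query']}")
```

Run against the constructed sample it reports the Temp-directory process as high severity and the ProgramData one as medium, while the allow-listed VPN client and the unrelated Microsoft lookup are ignored. Matching on the parent domain rather than the exact name matters because icanhazip.com also answers on ipv4/ipv6 subdomains.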

How to identify Trojan.Upatre.Gen.3?

File Info:

crc32: E62B468B
md5: c9e912d2c9c8b03dca8315c60eedfff3
name: C9E912D2C9C8B03DCA8315C60EEDFFF3.mlw
sha1: d677e64e2ef5351dd9c60b1364b694a6e5e5b7c5
sha256: f90379d82a0387bdaace3b8bfaae4a1db09e9c143f34300bcaaf872a97114c1f
sha512: ada911139530e40527b777650aad34aa766478efe5e0a8c56997fdf98bcc3543515c13da7d4e3d7e064e7b70b1cba36643874f105da14dc266d1f11f8b76de68
ssdeep: 1536:LHzXMcU0ZCFmoTcjz4qOyakl85QkqcGtU2FZffBbVxMq6qB76K:LHzXMWZCU2cjzLOyn85QTckhrjOK
type: PE32 executable (GUI) Intel 80386, for MS Windows
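The hashes above are the quickest way to confirm that a suspect file is this exact sample. The following is an added example, not from the page and not GridinSoft's code: it hashes a file with the same five algorithms listed under File Info, compares the result with those indicators, and walks a directory tree looking for matches. The MZ/PE header check is an extra triage step of the example's own (it matches the "PE32 executable" file type above), the ssdeep fuzzy hash is left out because Python's standard library cannot compute it, and the function and variable names are the example's own.

```python
import hashlib
import zlib
from pathlib import Path

# Indicators copied from the File Info section of this page.
UPATRE_IOC = {
    "crc32": "E62B468B",
    "md5": "c9e912d2c9c8b03dca8315c60eedfff3",
    "sha1": "d677e64e2ef5351dd9c60b1364b694a6e5e5b7c5",
    "sha256": "f90379d82a0387bdaace3b8bfaae4a1db09e9c143f34300bcaaf872a97114c1f",
    "sha512": ("ada911139530e40527b777650aad34aa766478efe5e0a8c56997fdf98bcc3543"
               "515c13da7d4e3d7e064e7b70b1cba36643874f105da14dc266d1f11f8b76de68"),
}
HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")


def fingerprint(data: bytes) -> dict:
    """Hash an in-memory buffer; crc32 is rendered as 8 upper-case hex digits like the page."""
    fp = {name: hashlib.new(name, data).hexdigest() for name in HASH_ALGOS}
    fp["crc32"] = f"{zlib.crc32(data) & 0xFFFFFFFF:08X}"
    return fp


def fingerprint_file(path, chunk_size: int = 1 << 20) -> dict:
    """Same as fingerprint() but streamed, so large files are not read into memory at once."""
    crc = 0
    hashers = {name: hashlib.new(name) for name in HASH_ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            crc = zlib.crc32(chunk, crc)
            for h in hashers.values():
                h.update(chunk)
    fp = {name: h.hexdigest() for name, h in hashers.items()}
    fp["crc32"] = f"{crc & 0xFFFFFFFF:08X}"
    return fp


def matches_ioc(fp: dict, ioc: dict = UPATRE_IOC) -> list:
    """Return the names of the indicators that matched (case-insensitive hex compare)."""
    return [name for name, value in ioc.items() if fp.get(name, "").lower() == value.lower()]


def is_pe32(data: bytes) -> bool:
    """Cheap triage: DOS 'MZ' header and a 'PE\\0\\0' signature at e_lfanew (offset 0x3C)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def scan_directory(root, ioc: dict = UPATRE_IOC) -> list:
    """Walk a tree and return (path, matched_indicator_names) for every file that hits."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        matched = matches_ioc(fingerprint_file(path), ioc)
        if matched:
            hits.append((str(path), matched))
    return hits


if __name__ == "__main__":
    import sys
    for path, matched in scan_directory(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}: matched {', '.join(matched)}")
```

A single sha256 match is sufficient to identify the file; the weaker crc32 and md5 are kept only because that is what the page lists. Note that a repacked or "slightly modified copy" (one of the behaviours listed above) will not match any of these exact hashes, which is where fuzzy hashing such as ssdeep or the vendor signatures below earn their keep.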

Version Info:

LegalCopyright: Copyright 2014-2015 DAVT
InternalName: DAVT Utility
FileVersion: 1.0.0.10
CompanyName: DAVT
ProductName: DAVT Corp.
ProductVersion: 1.0.0.10
FileDescription: DAVT Corp.
OriginalFilename: davtil.exe
Translation: 0x0423 0x04b1

Trojan.Upatre.Gen.3 also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Upatre.Gen.3
FireEye: Generic.mg.c9e912d2c9c8b03d
CAT-QuickHeal: Trojan.Kadena.B4
McAfee: Upatre-FACM!C9E912D2C9C8
Malwarebytes: Trojan.Upatre
VIPRE: Trojan-Downloader.Win32.Upatre.ic (v)
K7AntiVirus: Trojan ( 004c75411 )
BitDefender: Trojan.Upatre.Gen.3
K7GW: Trojan ( 004c5f921 )
Cybereason: malicious.2c9c8b
Baidu: Win32.Trojan.Kryptik.jn
Cyren: W32/Upatre.AT.gen!Eldorado
Symantec: Downloader.Upatre!gen5
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Upatre-6747521-0
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Upatre.dtccnn
SUPERAntiSpyware: Trojan.Agent/Gen-Upatre
Rising: Trojan.Waski!1.A489 (CLASSIC)
Ad-Aware: Trojan.Upatre.Gen.3
Emsisoft: Trojan.Upatre.Gen.3 (B)
Comodo: TrojWare.Win32.TrojanDownloader.Upatre.KMJ@5s5qya
F-Secure: Trojan.TR/Kryptik.abboik
DrWeb: Trojan.DownLoader14.35405
Zillya: Trojan.Kryptik.Win32.743367
TrendMicro: TROJ_UPATRE.SM37
McAfee-GW-Edition: BehavesLike.Win32.Emotet.km
Sophos: ML/PE-A + Troj/Dyreza-FP
Ikarus: PUA.Bundler
Jiangmin: TrojanDownloader.Upatre.nrd
Avira: TR/Kryptik.abboik
Antiy-AVL: Trojan[Downloader]/Win32.Upatre
Microsoft: TrojanDownloader:Win32/Upatre
Arcabit: Trojan.Upatre.Gen.3
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Upatre.Gen.3
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Upatre.R154505
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34804.em1@am05KUdG
ALYac: Trojan.Upatre.Gen.3
MAX: malware (ai score=80)
VBA32: BScope.Trojan.Upatre
Cylance: Unsafe
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/Kryptik.DMJN
TrendMicro-HouseCall: TROJ_UPATRE.SM37
Tencent: Malware.Win32.Gencirc.10b1fc61
Yandex: Trojan.DL.Upatre!SpniYCaGPC4
SentinelOne: Static AI – Malicious PE – Downloader
Fortinet: W32/Waski.A!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Win32/Trojan.2ff

How to remove Trojan.Upatre.Gen.3?

Trojan.Upatre.Gen.3 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart the computer.
  • Because this sample drops and executes a second binary (see the behaviour list above), run another scan after the restart to confirm that nothing it dropped is still present.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
