Categories: Trojan

Trojan.Win32.Chapak.etoz removal tips

The Trojan.Win32.Chapak.etoz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.Chapak.etoz virus can do?

Executable code extraction
Creates RWX memory
A process attempted to delay the analysis task.
Attempts to connect to a dead IP:Port (7 unique times)
Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial language used in binary resources: Russian
Uses Windows utilities for basic functionality
Steals private information from local Internet browsers
Network activity contains more than one unique useragent.
Collects information about installed applications
Creates a hidden or system file
Checks the CPU name from registry, possibly for anti-virtualization
Attempts to modify proxy settings
Harvests credentials from local FTP client softwares
Harvests information related to installed instant messenger clients
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

mordisemn.com

www.bing.com

iplogger.org

apps.identrust.com

isrg.trustid.ocsp.identrust.com

ocsp.int-x3.letsencrypt.org

ip-api.com

How to determine Trojan.Win32.Chapak.etoz?


File Info:
crc32: 989690BFmd5: 1bc1baf462d99e40eeeb99320dcb2721name: upload_filesha1: f43fc90b1cbe189292fb52d62eabb6a605faef4asha256: 8d99ff8b02da8129a9b13a15e9fa7a7026779ee5b159b56f6ff04503fbb878d0sha512: d9186f526252cda11459253f42c8759586a6c3d1dd7244166976cb53ceed7bfe813cb0f06dc18990909a0d0981f4c49c11a34c4eb4bbc0dff413c3cbe1733264ssdeep: 12288:pANwRo+mv8QD4+0V16oXtQmcmpTWG9hEaedNdU9u3O/k6t0Bxd8IcCwohr2f:pAT8QE+kddFcEq/NO96APt0CIcCw6r2ftype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: wotsuper                                                                                            FileDescription: wotsuper 2.1 Installation                                   FileVersion: 2.1                 Comments: CompanyName: wotsuper                                                    Translation: 0x0409 0x04e4

Trojan.Win32.Chapak.etoz also known as:

Bkav	W32.AIDetectVM.malware2
Elastic	malicious (high confidence)
ClamAV	Win.Dropper.Vidar-9182565-0
FireEye	Generic.mg.1bc1baf462d99e40
McAfee	Artemis!9B44D23C7108
Cylance	Unsafe
Cybereason	malicious.b1cbe1
Invincea	heuristic
APEX	Malicious
Cynet	Malicious (score: 85)
Kaspersky	Trojan.Win32.Chapak.etoz
BitDefender	Trojan.GenericKDZ.69387
MicroWorld-eScan	Trojan.GenericKDZ.69387
Rising	Trojan.Kryptik!8.8 (CLOUD)
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/AD.VidarStealer.mgjvg
Emsisoft	Trojan-Dropper.Agent (A)
Ikarus	Trojan-PSW.Agent
Webroot	W32.Trojan.Gen
Avira	TR/AD.VidarStealer.mgjvg
Fortinet	W32/Agent.OKD!tr
Arcabit	Trojan.Generic.D10F0B
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
ZoneAlarm	Trojan.Win32.Chapak.etoz
Microsoft	Trojan:Win32/Wacatac.C!ml
AhnLab-V3	Malware/Win32.Generic.C3733562
ALYac	Gen:Variant.Zusy.311177
MAX	malware (ai score=86)
Malwarebytes	Trojan.Downloader
ESET-NOD32	a variant of Win32/Kryptik.HFLV
eGambit	Unsafe.AI_Score_99%
GData	Trojan.GenericKDZ.69387
AVG	FileRepMalware
Qihoo-360	HEUR/QVM05.1.3200.Malware.Gen