
Trojan.Win32.Copak.drla malicious file


The Trojan.Win32.Copak.drla file is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What Trojan.Win32.Copak.drla virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Created a process from a suspicious location
  • Creates a copy of itself

How to determine Trojan.Win32.Copak.drla?
File Info:

name: F47AC69655EB5E6E6251.mlw
path: /opt/CAPEv2/storage/binaries/3fcfba0a7ea6c576d7b7db66a5d4b4a5f88db5000602f0ef7bcbec4ce234a5f6
crc32: B3CAE9FC
md5: f47ac69655eb5e6e6251a9d6d7b1a6b3
sha1: c83e0aa14f1579ba56cf04d2185ac48bd6fb6ca9
sha256: 3fcfba0a7ea6c576d7b7db66a5d4b4a5f88db5000602f0ef7bcbec4ce234a5f6
sha512: 20795b4469778195a29499ffcffabdc48a4df6e76d58177cea89ef3f4212cbb68ab998f85b287e60a2d27aa4a639915667b3ccb418bc53565e5ccad7905cc331
ssdeep: 6144:03nmmpGKfnpHRncW0OVmLn27KfnpHRncg:026RRSOVmjHRN
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D994225C93820EF8E8E622F911B37D4D9910A07476D38A43E71488F872BF59CE9D6B13
sha3_384: 62a7beb9209fc7989f6034dd3dca8e64f1fc7bf0c41dff2c2174b2c8cc02cc7318052310f969576b017526d0ba43f9f6
ep_bytes: 6800000000585281eb2cebd53f09df21
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan.Win32.Copak.drla also known as:

Lionic: Trojan.Win32.Copak.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.950165
McAfee: GenericRXNY-OE!F47AC69655EB
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
K7AntiVirus: Trojan ( 0057ffc71 )
BitDefender: Gen:Variant.Graftor.950165
K7GW: Trojan ( 0057ffc71 )
Cybereason: malicious.14f157
Cyren: W32/Kryptik.DCC.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HITO
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packed.Copak-9853643-0
Kaspersky: Trojan.Win32.Copak.drla
Alibaba: Trojan:Win32/Copak.d876cf06
NANO-Antivirus: Trojan.Win32.Agent.ixszcw
Tencent: Malware.Win32.Gencirc.10ce57b8
Ad-Aware: Gen:Variant.Graftor.950165
Sophos: Mal/Generic-R + Troj/Agent-BGZJ
Comodo: Packed.Win32.MUPX.Gen@24tbus
DrWeb: Trojan.Packed2.43250
TrendMicro: TROJ_GEN.R049C0PGE21
McAfee-GW-Edition: BehavesLike.Win32.Generic.gc
FireEye: Gen:Variant.Graftor.950165
Emsisoft: Gen:Variant.Graftor.950165 (B)
Ikarus: Trojan.Kryptik
Jiangmin: Trojan.Copak.cym
Avira: TR/Patched.Ren.Gen
Antiy-AVL: Trojan/Generic.ASBOL.C686
Gridinsoft: Ransom.Win32.Wacatac.sa
Microsoft: Trojan:Win32/Injector.RAQ!MTB
GData: Gen:Variant.Graftor.950165
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Gen.RL_Reputation.R368116
BitDefenderTheta: Gen:NN.ZexaF.34062.zmZ@aqxLbnk
ALYac: Gen:Variant.Graftor.950165
MAX: malware (ai score=83)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Spyware.PasswordStealer
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R049C0PGE21
Rising: Trojan.Injector!1.C865 (CLASSIC)
Yandex: Trojan.Kryptik!j6YylzBvFAg
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Kryptik.HITO!tr
AVG: Win32:Evo-gen [Susp]
Avast: Win32:Evo-gen [Susp]
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.121218.susgen

How to remove Trojan.Win32.Copak.drla?

Trojan.Win32.Copak.drla removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.