Trojan.Win32.Scar.lttk removal

Trojan.Win32.Scar.lttk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Scar.lttk virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to modify the Microsoft attachment manager possibly to bypass security checks on mail and Internet saved files
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Attempts to disable UAC
  • Attempts to modify UAC prompt behavior
  • Anomalous binary characteristics

How to identify Trojan.Win32.Scar.lttk?

File Info:

name: DD6AC9BC288AF0959169.mlw
path: /opt/CAPEv2/storage/binaries/00638c8a7c4a6c49afb1ef4835d75b70c767df2b881a4c00a307e48ea3309bdc
crc32: B2E7C6E8
md5: dd6ac9bc288af095916911cb2911fe2b
sha1: 58284738f8d2c8e044670639b4cd55a071b0ccb6
sha256: 00638c8a7c4a6c49afb1ef4835d75b70c767df2b881a4c00a307e48ea3309bdc
sha512: 5b003b853625a7f0818dcda73144e81476311a2d89bd252efbf5680ab55ca9edcaa139e7c8fd5ac0b9b0420dd6e7ce2afe3c66fb916e765d6dbc7e26d266cd17
ssdeep: 49152:wC2lJmXbj5DIwbQea1LPEyK7r385JD3d6cIWhS:wzlkbFDVrQMyOr3S3d6cLhS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A4851203B293C072D49501B505658BB64F3A7C319775D0FBAFD13AAA9D703E29B3638A
sha3_384: 3cec1ac8f2e49e0dfe10b142b185938c8d1be692bb5ef7f1b1ec8274f56d0516a5a4f07a73ea752e073f4da6a36e153c
ep_bytes: e8a61d0000e989feffff8bff565733f6
timestamp: 2015-02-09 21:57:00

Version Info:

Comments: Created with Setup Factory
FileDescription: Setup Application
FileVersion: 9.5.0.0
InternalName: suf_launch
LegalCopyright: Setup Engine Copyright © 2004-2015 Indigo Rose Corporation
LegalTrademarks: Setup Factory is a trademark of Indigo Rose Corporation.
OriginalFilename: suf_launch.exe
ProductName: Setup Factory Runtime
ProductVersion: 9.5.0.0
Translation: 0x0409 0x04e4

Trojan.Win32.Scar.lttk also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.61240627
FireEye: Trojan.GenericKD.61240627
ALYac: Trojan.GenericKD.61240627
Cylance: Unsafe
VIPRE: Trojan.GenericKD.61240627
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: TrojanDropper:Win32/Addrop.7c1779bd
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.8f8d2c
VirIT: Trojan.Win32.DownLoader15.DDL
Symantec: Trojan.Gen
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDropper.Addrop.AD
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Scar.lttk
BitDefender: Trojan.GenericKD.61240627
NANO-Antivirus: Trojan.Win32.Scar.dydilw
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.10c5c393
Ad-Aware: Trojan.GenericKD.61240627
Emsisoft: Trojan.GenericKD.61240627 (B)
DrWeb: Trojan.FakeAV.18332
Zillya: Downloader.Genome.Win32.65537
TrendMicro: TROJ_GEN.R067C0GHB22
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.61240627
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1213724
MAX: malware (ai score=85)
Arcabit: Trojan.Generic.D3A67533
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
McAfee: Artemis!DD6AC9BC288A
Malwarebytes: PUP.Optional.Downloader
TrendMicro-HouseCall: TROJ_GEN.R067C0GHB22
Rising: Dropper.Addrop!8.11F (CLOUD)
Ikarus: Trojan.Win32.Scar
MaxSecure: Trojan.Malware.1728101.susgen
Fortinet: W32/Scar.LTTK!tr
AVG: Win32:Malware-gen

How to remove Trojan.Win32.Scar.lttk?

Trojan.Win32.Scar.lttk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.