About “TrojanDownloader.Berbew” infection

TrojanDownloader.Berbew is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader.Berbew virus do?

  • Creates an indicator observed in Territorial Disputes report SIG40
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify TrojanDownloader.Berbew?


File Info:

name: D2DA9472B91A9D06E38F.mlw
path: /opt/CAPEv2/storage/binaries/0b812a63ba8a7d02014e18c9730cfc61aac48435b2f92c4b4616023b1e34775a
crc32: 8A0EA661
md5: d2da9472b91a9d06e38f62485f28f9d0
sha1: 40b4eb59e71ecbbef0785a89a70e235775b9af11
sha256: 0b812a63ba8a7d02014e18c9730cfc61aac48435b2f92c4b4616023b1e34775a
sha512: 8e694542c74c7dd3a07d0bbd3068f7777b257d9b769f82dfcc8f825a6d9b77bf112fdab421315d67236883a91dab2bd18ee3230d95bfd817cacb5eb6994e7260
ssdeep: 1536:9uITqaqvbueM5/UpHczWpf3Dtw+mfX+KaNCyVso:FTqaLenpHczc3xBmbheso
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F5435DEFEE6B0BE2C15B0DB3455A869973BB8A6003798D2048A8C05F3D37F585779260
sha3_384: 2efbd80aefd7297a58920ac01bea0ddc6288eb31de3c2944738c2e2b991641bd98ecdaef6e419ac401da09e832970cca
ep_bytes: 90906090909067e80000000090909058
timestamp: 2023-07-29 18:29:59

Version Info:

0: [No Data]

TrojanDownloader.Berbew also known as:

Bkav: W32.AIDetectMalware
DrWeb: BackDoor.HangUp.43832
MicroWorld-eScan: GenPack:Backdoor.Hangup.B
ClamAV: Win.Trojan.Crypted-30
FireEye: Generic.mg.d2da9472b91a9d06
CAT-QuickHeal: TrojanDownloader.Berbew
Skyhigh: BehavesLike.Win32.Generic.qh
McAfee: Trojan-FVOK!D2DA9472B91A
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.QukartGen.Win32.2
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 005780dd1 )
K7AntiVirus: Trojan ( 005780dd1 )
BitDefenderTheta: AI:Packer.6CDB3E0D1E
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Spy.Qukart
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.Qukart.af
BitDefender: GenPack:Backdoor.Hangup.B
NANO-Antivirus: Trojan.Win32.Qukart.kcwouj
Avast: Win32:TrojanX-gen [Trj]
Emsisoft: GenPack:Backdoor.Hangup.B (B)
F-Secure: Trojan.TR/Spy.Qukart.NB
Baidu: Win32.Trojan-Spy.Quart.a
VIPRE: GenPack:Backdoor.Hangup.B
TrendMicro: TROJ_GEN.R03BC0DBK24
Trapmine: malicious.high.ml.score
Sophos: Mal/Padodor-A
Ikarus: Trojan.Crypt
Jiangmin: TrojanSpy.Qukart.ahel
Google: Detected
Avira: TR/Spy.Qukart.NB
MAX: malware (ai score=89)
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Kingsoft: malware.kb.a.1000
Arcabit: GenPack:Backdoor.Hangup.B
ZoneAlarm: Trojan-Spy.Win32.Qukart.af
GData: GenPack:Backdoor.Hangup.B
Varist: W32/Qukart.K.gen!Eldorado
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
ALYac: GenPack:Backdoor.Hangup.B
TACHYON: Backdoor/W32.Padodor
VBA32: BScope.Backdoor.Berbew
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R03BC0DBK24
Rising: Backdoor.Berbew!1.AE0A (CLASSIC)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Qukart.A!tr
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.9e71ec
DeepInstinct: MALICIOUS

How to remove TrojanDownloader.Berbew?

TrojanDownloader.Berbew removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.