
TrojanDownloader:O97M/IcedID.JAO!MTB removal


The TrojanDownloader:O97M/IcedID.JAO!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:O97M/IcedID.JAO!MTB virus do?

  • The office file contains 6 macros
  • The office file contains a macro with auto execution
  • The office file contains a macro with potential indicators of compromise
  • The office file contains a macro with suspicious strings

How to identify TrojanDownloader:O97M/IcedID.JAO!MTB?

File Info:

crc32: F92F2A80
md5: 6f7e89f2936864b501cc65e762591319
name: upload_file
sha1: 9cb1bf67ea09ee31ea83b252d1866781bec70f06
sha256: f26fc870692e96091097a4f2f130e7c3ead238fe30ed65cca32693dacc51068f
sha512: a96be9c7ec78b808c5c92cf11fe650feca342a2ca6b735cd062519778d3601669c4131dd66ad74f0d436bc48cde22199b828682e073d6c7e10735ed8f6c966e2
ssdeep: 3072:rCnLQjxBK7QRgoqbZ3NGTJAn0uiFIreBJANjG8:r0MxBsQRgl38FTIreu
type: Microsoft Word 2007+

Version Info:

0: [No Data]

TrojanDownloader:O97M/IcedID.JAO!MTB also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.44341894
FireEye: Trojan.GenericKD.44341894
McAfee: RDN/Generic Dropper
AegisLab: Trojan.MSWord.Generic.4!c
BitDefender: Trojan.GenericKD.44341894
TrendMicro: Trojan.W97M.POWLOAD.THKODBO
Symantec: Trojan.Gen.NPE
ESET-NOD32: a variant of Generik.DUYYIUH
TrendMicro-HouseCall: Trojan.W97M.POWLOAD.THKODBO
Avast: SNH:Script [Dropper]
Kaspersky: HEUR:Trojan.MSOffice.SAgent.gen
Alibaba: Trojan:Win32/MalDoc.ali1000158
NANO-Antivirus: Trojan.Ole2.Vbs-heuristic.druvzi
ViRobot: DOC.Z.Agent.116892
Rising: Malware.ObfusVBA@ML.100 (VBA)
Ad-Aware: Trojan.GenericKD.44341894
Emsisoft: Trojan.GenericKD.44341894 (B)
F-Secure: Heuristic.HEUR/Macro.Downloader.YPA.Gen
McAfee-GW-Edition: BehavesLike.Obfuscated-VBA.cc
Ikarus: Trojan.SuspectCRC
GData: Trojan.GenericKD.44341894
Jiangmin: Trojan.BAT.Small.a
Avira: HEUR/Macro.Downloader.YPA.Gen
Microsoft: TrojanDownloader:O97M/IcedID.JAO!MTB
Gridinsoft: Trojan.U.Downloader.oa
Arcabit: HEUR.VBA.Trojan.d
ZoneAlarm: HEUR:Trojan.MSOffice.SAgent.gen
Cynet: Malicious (score: 85)
ALYac: Trojan.Downloader.DOC.Gen
TACHYON: Suspicious/WOX.Obfus.Gen.8
Zoner: Probably Heur.W97Obfuscated
Tencent: Heur.Macro.Generic.e.1f4196cb
Yandex: Trojan.AvsMofer.bS58KH
SentinelOne: Static AI – Malicious OPENXML
Fortinet: VBA/Agent.YPA!tr.dldr
AVG: SNH:Script [Dropper]
Qihoo-360: Generic/Trojan.Downloader.fa2

How to remove TrojanDownloader:O97M/IcedID.JAO!MTB?

TrojanDownloader:O97M/IcedID.JAO!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.