TrojanDownloader:O97M/Obfuse.BPK!MTB information

TrojanDownloader:O97M/Obfuse.BPK!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:O97M/Obfuse.BPK!MTB virus do?

  • Injection (inter-process)
  • Injection with CreateRemoteThread in a remote process
  • Uses Windows utilities for basic functionality
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify TrojanDownloader:O97M/Obfuse.BPK!MTB?


File Info:

crc32: AEE52B72
md5: 942b5d3731110e95c84e8fb7c4e31bf3
name: upload_file
sha1: 0ae08dc9f7ddd5bdd273c977c06b842835b890c5
sha256: 8951edf18c219c38e0458b432e2ad7acb408dd78347d4be3bbbcf30c740d9d74
sha512: 4b23089e446258d07fdff208868d43042c6656f7dae694458af50246db111b074941eab3eb0ec2e5eb2bff9d841f9732f8ed4f2c8c8b6b640196219ac065c319
ssdeep: 192:0mn87BGaI/tSpGhUp3vFWzYp+B7kS580cFqgQHTIUXhWBS0ZApg1nnHXcvTBFoP:036tlhuvFgFnzGBn3clFo39D
type: Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1252, Author: product presentation, Last Saved By: Master Mana, Revision Number: 3, Name of Creating Application: Microsoft Office PowerPoint, Total Editing Time: 05:52, Create Time/Date: Wed Oct 14 07:08:37 2020, Last Saved Time/Date: Wed Oct 14 07:14:29 2020, Number of Words: 0

Version Info:

0: [No Data]

TrojanDownloader:O97M/Obfuse.BPK!MTB also known as:

Elastic: malicious (high confidence)
AegisLab: Trojan.Script.Generic.a!c
Arcabit: Trojan.Generic.D212929D
Cyren: PP97M/Downldr.NU.gen!Eldorado
Symantec: Trojan.Gen.NPE
TrendMicro-HouseCall: Trojan.P97M.POWLOAD.AI
Avast: VBS:Obfuscated-gen [Trj]
Cynet: Malicious (score: 85)
Kaspersky: HEUR:Trojan-Downloader.Script.Generic
BitDefender: Trojan.GenericKD.34771613
MicroWorld-eScan: Trojan.GenericKD.34771613
Rising: Malware.ObfusVBA@ML.99 (VBA)
Ad-Aware: Trojan.GenericKD.34771613
Emsisoft: Trojan.GenericKD.34771613 (B)
F-Secure: Heuristic.HEUR/Macro.Downloader.MRKI.Gen
TrendMicro: Trojan.P97M.POWLOAD.AI
McAfee-GW-Edition: BehavesLike.OLE2.Downloader.kx
FireEye: Trojan.GenericKD.34771613
Ikarus: Win32.Outbreak
Avira: HEUR/Macro.Downloader.MRKI.Gen
MAX: malware (ai score=99)
Antiy-AVL: Trojan[Downloader]/MSOffice.Agent.ubw
Microsoft: TrojanDownloader:O97M/Obfuse.BPK!MTB
ViRobot: PPT.Z.Agent.70656.B
ZoneAlarm: HEUR:Trojan-Downloader.Script.Generic
GData: Generic.Trojan.Agent.UZYKL0
ALYac: Trojan.GenericKD.34772399
Zoner: Probably Heur.W97Obfuscated
ESET-NOD32: a variant of VBA/TrojanDownloader.Agent.UNQ
Tencent: Win32.Trojan-downloader.Agent.Hqvb
SentinelOne: DFI – Suspicious OLE
Fortinet: VBA/Agent.MRKI!tr
AVG: VBS:Obfuscated-gen [Trj]
Qihoo-360: Generic/Trojan.Downloader.251

How to remove TrojanDownloader:O97M/Obfuse.BPK!MTB?

TrojanDownloader:O97M/Obfuse.BPK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
