TrojanDownloader:O97M/Obfuse.SS!MTB malicious file

The TrojanDownloader:O97M/Obfuse.SS!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:O97M/Obfuse.SS!MTB virus do?

  • The office file has an unconventional code page: ANSI Cyrillic; Cyrillic (Windows)
  • The office file contains 2 macros
  • The office file contains a macro with auto execution
  • The office file contains anomalous features
  • The office file contains a macro with potential indicators of compromise
  • The office file contains a macro with suspicious strings

Related domains:

z.whorecord.xyz

How to determine TrojanDownloader:O97M/Obfuse.SS!MTB?


File Info:

name: upload_file
type: Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Author: 1, Template: Normal.dotm, Last Saved By: 1, Revision Number: 55, Name of Creating Application: Microsoft Office Word, Total Editing Time: 49:00, Create Time/Date: Tue Oct 20 11:27:00 2020, Last Saved Time/Date: Tue Oct 20 14:55:00 2020, Number of Pages: 1, Number of Words: 70463, Number of Characters: 401644, Security: 0

TrojanDownloader:O97M/Obfuse.SS!MTB also known as:

MicroWorld-eScan: Trojan.GenericKD.34860553
FireEye: Trojan.GenericKD.34860553
ALYac: Trojan.Downloader.DOC.Gen
Symantec: W97M.Downloader
Avast: SNH:Script [Dropper]
Kaspersky: HEUR:Trojan-Dropper.MSOffice.SDrop.gen
BitDefender: Trojan.GenericKD.34860553
Rising: Dropper.Agent!8.2F (TOPIS:E0:7NbfRdFivCN)
Ad-Aware: Trojan.GenericKD.34860553
DrWeb: Exploit.Siggen2.52969
McAfee-GW-Edition: BehavesLike.OLE2.Downloader.jg
Avira: W97M/Agent.6557911
Microsoft: TrojanDownloader:O97M/Obfuse.SS!MTB
Arcabit: Trojan.Generic.D213EE09
ZoneAlarm: HEUR:Trojan-Dropper.MSOffice.SDrop.gen
GData: Trojan.GenericKD.34860553
McAfee: W97M/Dropper.gz
TACHYON: Suspicious/W97M.Obfus.Gen.8
Zoner: Probably Heur.W97Obfuscated
ESET-NOD32: a variant of Generik.ECCMCZC
Ikarus: Trojan-Dropper.VBA.Agent
Fortinet: VBA/Agent.5A0B!tr
AVG: SNH:Script [Dropper]
Qihoo-360: Generic/Trojan.Dropper.be6

How to remove TrojanDownloader:O97M/Obfuse.SS!MTB?

TrojanDownloader:O97M/Obfuse.SS!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
