
Should I remove “TrojanDownloader:Win32/AsyncRat.CCHD!MTB”?


The TrojanDownloader:Win32/AsyncRat.CCHD!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/AsyncRat.CCHD!MTB virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Creates a copy of itself

How to determine TrojanDownloader:Win32/AsyncRat.CCHD!MTB?


File Info:

name: FF22BCE6542F3DEB82AA.mlw
path: /opt/CAPEv2/storage/binaries/88bba8d06fe4b585cafa06317fada28de38ce672bd9d95851217dc743240f12c
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2024-01-12 01:33:12

Version Info:

CompanyName: wndods插件修复
FileDescription: wndods插件修复
FileVersion: 2.1.3.1
InternalName: wndods.exe
LegalCopyright: Copyright (C) 2023 wndods插件修复 © 江东集团
OriginalFilename: wndods.exe
ProductName: wndods插件
ProductVersion: 2.1.3.1
Translation: 0x0804 0x04b0

TrojanDownloader:Win32/AsyncRat.CCHD!MTB also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.DInvoke.4!c
DrWeb: Trojan.DownLoader46.48955
MicroWorld-eScan: Trojan.GenericKD.71192660
FireEye: Trojan.GenericKD.71192660
Skyhigh: RDN/Generic BackDoor
McAfee: RDN/Generic BackDoor
Cylance: unsafe
Sangfor: Downloader.Win32.Asyncrat.V7qw
K7AntiVirus: Trojan-Downloader ( 005b08151 )
Alibaba: TrojanDownloader:Win32/AsyncRat.60354a26
K7GW: Trojan-Downloader ( 005b08151 )
VirIT: Trojan.Win32.Genus.UZP
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.HLH
Kaspersky: HEUR:Trojan.Win32.DInvoke.gen
BitDefender: Trojan.GenericKD.71192660
NANO-Antivirus: Trojan.Win32.DInvoke.khalxy
Avast: Win32:DropperX-gen [Drp]
Tencent: Trojan.Win32.Downloader_l.16001122
Emsisoft: Trojan.GenericKD.71192660 (B)
Google: Detected
F-Secure: Trojan.TR/Dldr.Agent.zcuth
VIPRE: Trojan.GenericKD.71192660
TrendMicro: Backdoor.Win32.ASYNCRAT.YXEALZ
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.Win32.Agent
GData: Trojan.GenericKD.71192660
Varist: W32/ABRisk.NRIP-6372
Avira: TR/Dldr.Agent.zcuth
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Win32.DInvoke
Kingsoft: Win32.Trojan.DInvoke.gen
Arcabit: Trojan.Generic.D43E5054
ZoneAlarm: HEUR:Trojan.Win32.DInvoke.gen
Microsoft: TrojanDownloader:Win32/AsyncRat.CCHD!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C5571844
ALYac: Trojan.GenericKD.71192660
VBA32: BScope.Backdoor.gh0RAT
Malwarebytes: Trojan.Downloader
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: Backdoor.Win32.ASYNCRAT.YXEALZ
Rising: Downloader.Agent!1.F3B9 (CLASSIC)
Fortinet: W32/Agent.HLH!tr.dldr
AVG: Win32:DropperX-gen [Drp]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove TrojanDownloader:Win32/AsyncRat.CCHD!MTB?

TrojanDownloader:Win32/AsyncRat.CCHD!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
