About “TrojanDownloader:Win32/Doina.GZT!MTB” infection

TrojanDownloader:Win32/Doina.GZT!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:Win32/Doina.GZT!MTB virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify TrojanDownloader:Win32/Doina.GZT!MTB?

File Info:

name: A5D2A61906CA1B9389AA.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-10-24 07:36:31

Version Info:

0: [No Data]

TrojanDownloader:Win32/Doina.GZT!MTB also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Dinwod.mgDt
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Lazy.352171
FireEye: Generic.mg.a5d2a61906ca1b93
McAfee: GenericRXPT-GW!A5D2A61906CA
Malwarebytes: Malware.AI.3178299077
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 005938581 )
Alibaba: TrojanDownloader:Win32/Generic.eff444b5
K7GW: Trojan-Downloader ( 005938581 )
Cybereason: malicious.906ca1
BitDefenderTheta: AI:Packer.55C4B25A1D
Cyren: W32/Agent.ENH.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.GHY
APEX: Malicious
ClamAV: Win.Trojan.Generic-9907950-0
Kaspersky: VHO:Trojan.Win32.Agent.gen
BitDefender: Gen:Variant.Lazy.352171
NANO-Antivirus: Trojan.Win32.Jaik.jilxyu
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan.Win32.Agentb.wp
Emsisoft: Gen:Variant.Lazy.352171 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.DownLoader45.17273
VIPRE: Gen:Variant.Lazy.352171
TrendMicro: TROJ_GEN.R002C0PGP23
McAfee-GW-Edition: BehavesLike.Win32.Generic.qm
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Win32.Application.PSE.1ETEWJE
Jiangmin: Trojan.Agent.dlwp
Google: Detected
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=81)
Antiy-AVL: Virus/Win32.Expiro.imp
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Trojan.Lazy.D55FAB
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
ZoneAlarm: VHO:Trojan.Win32.Agent.gen
Microsoft: TrojanDownloader:Win32/Doina.GZT!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R547377
ALYac: Gen:Variant.Lazy.352171
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0PGP23
Rising: Downloader.Agent!1.DEFD (CLASSIC)
Yandex: Trojan.Agent!Uz6yraoUzdI
Ikarus: Trojan-Downloader.Win32.Agent
Fortinet: W32/Zusy.307491!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove TrojanDownloader:Win32/Doina.GZT!MTB?

TrojanDownloader:Win32/Doina.GZT!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.