About “TrojanDownloader:Win32/Upatre.AE” infection

The TrojanDownloader:Win32/Upatre.AE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the TrojanDownloader:Win32/Upatre.AE virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify TrojanDownloader:Win32/Upatre.AE?

File Info:

name: 7CA5B600ADA9909CD594.mlw
path: /opt/CAPEv2/storage/binaries/dd29e32a35002b8e2a7df467300bb8dd69cf67c5d942352d8eed75b693f79fd3
crc32: 697D8B1E
md5: 7ca5b600ada9909cd59429911db93c6a
sha1: 53f2c6df0133d56d3262ef6842a77bb5b1ba449d
sha256: dd29e32a35002b8e2a7df467300bb8dd69cf67c5d942352d8eed75b693f79fd3
sha512: 7bcfc367612732692fe25c275635077989f1fdbdaed3c2eb176e17ab14d7a947f202c9e656104fc5558434c97873e6321d6b26bd9e1df2f113f0ee6ab1b17cf3
ssdeep: 384:vyH6qYnMTUCa+GtNgBiZ7zO7poLN6y5BOUyf08gRcd/fAI:vDqYnMTOV5ZXO9o56McUyc8fHAI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C6F260246BD50C71F33F8A75AAB345B665A8B4313ADE953EB18D07080873652B9F1F0E
sha3_384: 721f2c00d592fd70f737d790a942fb61d798b203975d3f2e28e42d8cb075ef5a8eece965b72b180397dee03fce39871d
ep_bytes: 6a00e83f000000a3505b40006a006870
timestamp: 2014-05-19 17:29:43

Version Info:

CompanyName: Your Name or Company
FileDescription: Description of your app
FileVersion: 1.0
InternalName: tool name
OriginalFilename: cropt.exe
LegalCopyright: © 2020 Your Name
ProductName: Your Product Name
ProductVersion: 1.0
Translation: 0x0409 0x04b0

TrojanDownloader:Win32/Upatre.AE also known as:

Bkav: W32.FamVT.GeND.Trojan
Lionic: Trojan.Win32.Agent.trCZ
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.BDBS
ClamAV: Win.Trojan.Agent-1109343
FireEye: Generic.mg.7ca5b600ada9909c
CAT-QuickHeal: TrojanDownloader.Upatre.AA4
McAfee: Trojan-FBTI
Cylance: unsafe
Zillya: Trojan.Agent.Win32.465766
Sangfor: Downloader.Win32.Upatre.V8zx
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Upatre.d3315524
K7GW: Trojan ( 0049a6121 )
K7AntiVirus: Trojan ( 0049a6121 )
VirIT: Trojan.Win32.Generic.CEAL
Cyren: W32/Trojan.JVNN-8054
Symantec: SMG.Heur!gen
tehtris: Generic.Malware
ESET-NOD32: Win32/TrojanDownloader.Waski.E
Zoner: Trojan.Win32.22919
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Banker.Win32.Agent.kik
BitDefender: Trojan.Agent.BDBS
NANO-Antivirus: Trojan.Win32.Agent.cyvndz
Avast: Win32:Trojan-gen
Tencent: Trojan-Banker.Win32.Agent.ha
Sophos: Troj/Agent-AHDK
DrWeb: Trojan.DownLoad3.33216
VIPRE: Trojan.Agent.BDBS
TrendMicro: Trojan.Win32.UPATRE.USASHC323
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.nm
Trapmine: malicious.moderate.ml.score
Emsisoft: Trojan.Agent.BDBS (B)
Ikarus: Trojan-Downloader.Win32.Upatre
GData: Win32.Trojan-Downloader.Upatre.BJ
Jiangmin: Trojan.Banker.Agent.bwc
Avira: TR/AD.Yarwi.maywd
Antiy-AVL: Trojan/Win32.Waski.a
Xcitium: Malware@#crhj4t6rnp4r
Arcabit: Trojan.Agent.BDBS
ViRobot: Trojan.Win.Z.Agent.36532.A
ZoneAlarm: Trojan-Banker.Win32.Agent.kik
Microsoft: TrojanDownloader:Win32/Upatre.AE
Google: Detected
AhnLab-V3: Dropper/Win32.Necurs.R112167
Acronis: suspicious
ALYac: Trojan.Agent.BDBS
MAX: malware (ai score=88)
VBA32: TrojanBanker.Agent
Malwarebytes: Malware.AI.2010971024
TrendMicro-HouseCall: Trojan.Win32.UPATRE.USASHC323
Rising: Trojan.DL.Win32.Upatre.amg (CLASSIC)
Yandex: Trojan.Agent!LQSTuMPRq6o
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Generic.AC.1C6990!tr
AVG: Win32:Trojan-gen
Panda: Generic Malware

How to remove TrojanDownloader:Win32/Upatre.AE?

TrojanDownloader:Win32/Upatre.AE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.