TrojanDropper.Bototer removal guide

TrojanDropper.Bototer is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDropper.Bototer virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify TrojanDropper.Bototer?


File Info:

crc32: 54A44559
md5: 772dd832d76dc1da74df761f9c42436b
name: 772DD832D76DC1DA74DF761F9C42436B.mlw
sha1: cc91676c982f49fd9ffeeb2e7628fcc5d2b6ba17
sha256: 0aa5f4c653c8df21c7ddf7fd6a2f676fe03d88486afc907d177ba363f27c3249
sha512: 6965c8a9fb27c6d78989c03146a2e0201922c7de3306a1e793c64ee8b893b821e26d1d669fd71a8239760e9609e68e48a1f637d5f3982145ed9f635c250c7627
ssdeep: 24576:ApniAQZ0WaNQf8QL7h4fLy40kd0TVT1D90Kn7PhRdygh0QLxwsa3kY2+mO8R:+iAQZ0WcQf/FgLyQid1h93ygRW13O+mb
type: PE32 executable (GUI) Intel 80386, for MS Windows, InnoSetup self-extracting archive

Version Info:

InternalName:
FileVersion:
CompanyName: login
Comments: This installation was built with Inno Setup: http://www.innosetup.com
ProductName:
ProductVersion:
FileDescription: 极速浏览器 安装
OriginalFilename:
Translation: 0x0409 0x04e4

TrojanDropper.Bototer also known as:

Lionic: Trojan.Win32.Generic.4!c
Sangfor: Trojan.Win32.Bitrep.B
Cyren: W32/Backdoor.UDYU-6167
Avast: Win32:Malware-gen
NANO-Antivirus: Trojan.Win32.Delphi.cyujts
Tencent: Win32.Trojan-dropper.Bototer.Agbl
Sophos: Mal/Emogen-P
Comodo: Malware@#3xz9ynxt64un
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Kingsoft: Win32.Troj.Bototer.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!772DD832D76D
VBA32: TrojanDropper.Bototer
TrendMicro-HouseCall: TROJ_GEN.R002H0CIU21
Fortinet: W32/Bototer.EW!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove TrojanDropper.Bototer?

TrojanDropper.Bototer removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
