How to remove “TrojanDropper:Win32/Blathla.A”?

TrojanDropper:Win32/Blathla.A is Microsoft's detection name for this sample; most other engines in the list below classify it as a dropper (Trojan-Dropper.Win32.Cadro) and several as adware (Rugo, WSearch). A dropper's job is to write another program to disk and launch it, so while the infection is active you may notice unfamiliar processes in Task Manager. In that case, scan the computer with GridinSoft Anti-Malware.

Removing malware by hand can take hours and may damage the system in the process. We recommend GridinSoft Anti-Malware for removal: it can run a full scan and clean the PC during the trial period.
6-day free trial available.

What can the TrojanDropper:Win32/Blathla.A virus do?

  • Sample contains overlay data
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Enumerates physical drives
  • Attempted to write directly to a physical drive

How to identify TrojanDropper:Win32/Blathla.A?

File Info:

name: 9C2038EDE45979B1C362.mlw
path: /opt/CAPEv2/storage/binaries/2dfd00c3f4de51b71dd423e6a1f7b2f94ea1f65849a21e28e6a7e2b6ae0951d5
crc32: 32EFDE67
md5: 9c2038ede45979b1c362468a97ff9983
sha1: 7b33f9b942fe5a7872bd72e0215e9b5d94166cd7
sha256: 2dfd00c3f4de51b71dd423e6a1f7b2f94ea1f65849a21e28e6a7e2b6ae0951d5
sha512: da6ebce68cb8b327e24240eb7243537f9c84ec2a5c1b9dde2c53899bc92b9ab4f4bca8258a294e8a09a2dab594ed4e92695701f5c4019dd422813c2d1c628b8b
ssdeep: 12288:qJupwI3iV2ENXh2mqBMi/n+usQe2dG1p0CCbbQrLY8MkK2X:qPI3Q2yh273v+seqG1p07H8MkfX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F4B4E101B641997DF8F310B68AFE0B75A968B96313186CC3E3C41E5D5A7AAF17E34207
sha3_384: 1952a046c5ff912c499d970f413d0c7ccbf7a4d2398a01a39e57e0fcf560bba2db882e5d7c2b188897fdb3034d179be5
ep_bytes: 6a6068f8324200e8531e0000bf940000
timestamp: 2010-10-11 09:47:27

Version Info:

FileDescription: Setup Module
FileVersion: 1, 0, 0, 1
InternalName: Setup
LegalCopyright: Copyright 2010
OriginalFilename: Setup.exe
ProductName: Setup Module
ProductVersion: 1, 0, 0, 1
Translation: 0x0409 0x04b0
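As an added example (not part of the original page, and not code from GridinSoft or from the CAPE sandbox that produced the File Info block), the script below checks a candidate file against the indicators listed above: it recomputes md5/sha1/sha256/crc32, parses the PE headers by hand to recover the same ep_bytes and timestamp fields, and measures overlay data (the first bullet of the behaviour list). It assumes the page's timestamp is UTC and handles only PE32 images, matching the type field; build_sample_pe constructs a synthetic PE purely so the parser can be exercised offline and is not the malware sample.

```python
"""Check a candidate file against the indicators from the File Info block.

Added example. Assumptions: the page's timestamp is UTC; only PE32 (not PE32+)
images are handled, matching the listed type field.
"""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info block on this page.
IOC = {
    "md5": "9c2038ede45979b1c362468a97ff9983",
    "sha1": "7b33f9b942fe5a7872bd72e0215e9b5d94166cd7",
    "sha256": "2dfd00c3f4de51b71dd423e6a1f7b2f94ea1f65849a21e28e6a7e2b6ae0951d5",
    "crc32": "32EFDE67",
    "ep_bytes": "6a6068f8324200e8531e0000bf940000",
    "timestamp": "2010-10-11 09:47:27",
}


def file_hashes(data: bytes) -> dict:
    """Digests in the same formats the File Info block uses."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": "%08X" % (zlib.crc32(data) & 0xFFFFFFFF),
    }


def pe_info(data: bytes) -> dict:
    """Parse the DOS, COFF and optional headers plus the section table of a
    PE32 file; return the COFF timestamp, the 16 bytes at the entry point and
    the size of any overlay (bytes past the end of the last section's raw data)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsec, ts, _symtab, _nsym, opt_size, _chars = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 optional header")
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint
    sections = opt + opt_size
    ep_off, raw_end = None, 0
    for i in range(nsec):
        _name, vsize, va, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", data, sections + 40 * i)
        raw_end = max(raw_end, rawptr + rawsize)
        # The entry point is an RVA; map it to a file offset through its section.
        if va <= ep_rva < va + max(vsize, rawsize):
            ep_off = ep_rva - va + rawptr
    if ep_off is None:
        raise ValueError("entry point RVA is outside every section")
    return {
        "ep_bytes": data[ep_off:ep_off + 16].hex(),
        "timestamp": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "overlay_size": max(0, len(data) - raw_end),
    }


def match_indicators(data: bytes) -> dict:
    """Compare a file against IOC. A digest match identifies the exact sample;
    ep_bytes/timestamp alone only hint at the same toolchain and link time."""
    found = file_hashes(data)
    found.update(pe_info(data))
    result = {k: found[k] == v for k, v in IOC.items()}
    if any(result[k] for k in ("md5", "sha1", "sha256")):
        result["verdict"] = "exact"
    elif result["ep_bytes"] or result["timestamp"]:
        result["verdict"] = "weak"
    else:
        result["verdict"] = "none"
    result["overlay_size"] = found["overlay_size"]
    return result


SAMPLE_TS = int(datetime(2010, 10, 11, 9, 47, 27, tzinfo=timezone.utc).timestamp())


def build_sample_pe(ep_code: bytes, timestamp: int, overlay: bytes = b"") -> bytes:
    """Constructed minimal PE32 (one .text section at RVA 0x1000, raw offset 0x200)
    used only to exercise the parser offline. It is NOT the malware sample."""
    e_lfanew = 0x40
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    opt_size = 0xE0
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)  # AddressOfEntryPoint
    sect = struct.pack("<8sIIII", b".text", 0x1000, 0x1000, 0x200, 0x200) + b"\0" * 16
    header = (dos + b"PE\0\0" + coff + bytes(opt) + sect).ljust(0x200, b"\0")
    return header + ep_code.ljust(0x200, b"\0") + overlay


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        print(match_indicators(fh.read()))
```

Run it as `python check_blathla.py suspect.exe`. A digest match identifies this exact sample. ep_bytes and timestamp on their own are weak evidence: those entry bytes (push 60h; push ...; call ...; mov edi, 94h) are the standard MSVC C runtime startup prologue shared by many binaries built with that toolchain, and a COFF timestamp is trivially forged, so treat a "weak" verdict as a hint, not a finding. The ssdeep, tlsh and sha3_384 values from the File Info block need their own libraries and are left out here.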

TrojanDropper:Win32/Blathla.A also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Cadro.ljji
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Rugo.FD3D0300
FireEye: Generic.mg.9c2038ede45979b1
Skyhigh: BehavesLike.Win32.Generic.hc
ALYac: Generic.Rugo.FD3D0300
Cylance: unsafe
VIPRE: Generic.Rugo.FD3D0300
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Adware ( 004b94df1 )
BitDefender: Generic.Rugo.FD3D0300
K7GW: Adware ( 004b94df1 )
Cybereason: malicious.942fe5
VirIT: Trojan.Win32.MulDrop1.CUPG
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Adware.WSearch.AN
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Dropper.Win32.Cadro.eqm
Alibaba: TrojanDropper:Win32/Cadro.6825731f
NANO-Antivirus: Trojan.Win32.Drop.ikdem
Rising: Trojan.Win32.Fednu.aki (CLASSIC)
Sophos: Rugo (PUA)
F-Secure: Dropper.DR/Cadro.A
DrWeb: Trojan.MulDrop1.49068
Zillya: Adware.BHO.Win32.5780
TrendMicro: TROJ_GEN.R002C0CK223
Trapmine: malicious.high.ml.score
Emsisoft: Generic.Rugo.FD3D0300 (B)
Ikarus: Trojan-Dropper.Win32.Cadro
Jiangmin: TrojanDropper.Cadro.b
Webroot: Adware:Win32/Rugo
Google: Detected
Avira: DR/Cadro.A
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Dropper]/Win32.Cadro
Kingsoft: Win32.Troj.Undef.a
Microsoft: TrojanDropper:Win32/Blathla.A
Xcitium: ApplicUnsaf.Win32.Adware.WSearch.AJ@2584m4
Arcabit: Generic.Rugo.FD3D0300
ZoneAlarm: Trojan-Dropper.Win32.Cadro.eqm
GData: Generic.Rugo.FD3D0300
Varist: W32/Purgodoor.A.gen!Eldorado
AhnLab-V3: Dropper/Win32.Cadro.R1482
McAfee: Adware-Rugo.g
DeepInstinct: MALICIOUS
VBA32: BScope.TrojanDropper.Cadro
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0CK223
Tencent: Malware.Win32.Gencirc.10b13bd0
Yandex: Trojan.GenAsa!LyretJs6C6k
SentinelOne: Static AI – Suspicious PE
MaxSecure: Dropper.Codra.eqm
Fortinet: W32/Cadro.A!tr
BitDefenderTheta: Gen:NN.ZexaF.36792.Fq1@a8nbX3mj
AVG: Win32:Agent-AMDF [Drp]
Avast: Win32:Agent-AMDF [Drp]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove TrojanDropper:Win32/Blathla.A?

TrojanDropper:Win32/Blathla.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.