About “TrojanDropper:Win32/Dorifel.AB!MTB” infection

TrojanDropper:Win32/Dorifel.AB!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDropper:Win32/Dorifel.AB!MTB virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to identify TrojanDropper:Win32/Dorifel.AB!MTB?


File Info:

name: 487548AEA751ABB016C9.mlw
path: /opt/CAPEv2/storage/binaries/98177daac1fc7b9087e75dc09420d4815703b6a648f4836db4366d2d326d36a1
crc32: 21EB1685
md5: 487548aea751abb016c9db4705da9c6c
sha1: 9cbe1afe016ff7894d6dd518c6a81f0dec70760b
sha256: 98177daac1fc7b9087e75dc09420d4815703b6a648f4836db4366d2d326d36a1
sha512: 44f736823f0d372c4b2c897357f9380ee19a81fd254505c5e57f22ac3d3b6bccd64893344d3572f6893543826d3657ba8a5cbfb18efec720c51fe81794c90489
ssdeep: 384:hL7li/2zDq2DcEQvdhcJKLTp/NK9xasv:B/M/Q9csv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F5422B63338642B2C3BD0E330DA35102D7B7D2056936AB6FB88C56654FB36D846A2779
sha3_384: 70b43698c2be7fc58712a4a13e27af54e227c0d543986bf9bd8ed8a370ccdbf7629019a47253b769facfa683af78005e
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-10-20 13:31:16

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: tmp866E.tmp.exe
LegalCopyright:
OriginalFilename: tmp866E.tmp.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

TrojanDropper:Win32/Dorifel.AB!MTB also known as:

DrWeb: Trojan.MulDrop3.48688
MicroWorld-eScan: Gen:Variant.Marsilia.40775
ClamAV: Win.Malware.Marsilia-10003123-0
FireEye: Generic.mg.487548aea751abb0
CAT-QuickHeal: Trojandropper.Dorifel
ALYac: Gen:Variant.Marsilia.40775
Cylance: unsafe
VIPRE: Gen:Variant.Marsilia.40775
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDropper:Win32/Dorifel.ff58b0c6
K7GW: Trojan ( 0055f7621 )
K7AntiVirus: Trojan ( 0055f7621 )
BitDefenderTheta: Gen:NN.ZemsilF.36302.am0@a0Ievcf
Cyren: W32/MSIL_Agent.HI.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/TrojanDropper.Agent.EMA
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Dropper.Win32.Dorifel.gen
BitDefender: Gen:Variant.Marsilia.40775
NANO-Antivirus: Trojan.Win32.Win32.dccnlr
Avast: Win32:MalwareX-gen [Trj]
Tencent: Trojan-Dropper.Win32.Dorifel.kh
TACHYON: Trojan-Dropper/W32.DN-Dorifel.12800
Emsisoft: Gen:Variant.Marsilia.40775 (B)
F-Secure: Trojan.TR/Kazy.25487956
Zillya: Dropper.Agent.Win32.542245
TrendMicro: TROJ_GEN.R002C0DG923
McAfee-GW-Edition: BehavesLike.Win32.Generic.lm
Trapmine: malicious.moderate.ml.score
Sophos: Troj/MDrop-JUL
SentinelOne: Static AI – Malicious PE
GData: MSIL.Trojan.PSE.14HAPPS
Jiangmin: TrojanDropper.Dorifel.vf
Avira: TR/Kazy.25487956
Antiy-AVL: Trojan/Win32.AGeneric
Xcitium: TrojWare.MSIL.TrojanDropper.Agent.DFA@8k9bo4
Arcabit: Trojan.Marsilia.D9F47
ViRobot: Trojan.Win.Z.Marsilia.12800.ZSG
ZoneAlarm: HEUR:Trojan-Dropper.Win32.Dorifel.gen
Microsoft: TrojanDropper:Win32/Dorifel.AB!MTB
Google: Detected
AhnLab-V3: Trojan/Win32.RL_Generic.C3532593
McAfee: GenericRXJJ-HV!487548AEA751
MAX: malware (ai score=89)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DG923
Rising: Malware.Obfus/MSIL@AI.81 (RDM.MSIL2:Y68lQGTU3ZiuexXlkSZNwg)
Ikarus: Win32.Outbreak
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/GenericKD.3201!tr
AVG: Win32:MalwareX-gen [Trj]
Cybereason: malicious.ea751a
DeepInstinct: MALICIOUS

How to remove TrojanDropper:Win32/Dorifel.AB!MTB?

TrojanDropper:Win32/Dorifel.AB!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
