TrojanDropper:Win32/Oficla.T (file analysis)

TrojanDropper:Win32/Oficla.T is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDropper:Win32/Oficla.T virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Authenticode signature is invalid

How to identify TrojanDropper:Win32/Oficla.T?


File Info:

name: 5F8DA05965D27D3C547E.mlw
path: /opt/CAPEv2/storage/binaries/e5af835af176cd20ea54a12acb5d86d80b59d0a60df1a03fb464cf71fd6b3aed
crc32: D86C1FD0
md5: 5f8da05965d27d3c547ebd989be05052
sha1: 0a988ab71c4e9d146b2f7f8f6fe5a36285a72525
sha256: e5af835af176cd20ea54a12acb5d86d80b59d0a60df1a03fb464cf71fd6b3aed
sha512: a4b047cb6b4d17a738daf643a0bcc48c1412e460839ae96134801e8bcd86d605ff4b3959289a06c0f9b12e3e8694bfcb070a5ebe1a2e1d2a789654b37f3f35b3
ssdeep: 384:2zbFXYQR5zMfkkWVJQ2myajgay+jT47/SqxnmXrYF+JGo+TVpfVlHAD0FswnYY7h:KRJR9fQ2mgaN2/SPvkoMf7HK0Fsw7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D3F2CF067953EEBBE8D308F458E3879E42B81D305B655AE73EA9380F5DB01C7D970542
sha3_384: 315858133741aac94d1bc18b6232e3c733a808e43fbba383f06a78fa206529afb3ad524571f27733d11122dab776a84d
ep_bytes: 558bec83ec40535657c745dc00000000
timestamp: 2010-08-26 05:29:01

Version Info:

FileVersion: 26.0.9.97
ProductVersion: 4.79.40.35
Translation: 0x0804 0x0000

TrojanDropper:Win32/Oficla.T also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.lhOh
tehtris: Generic.Malware
DrWeb: Trojan.Packed.21143
MicroWorld-eScan: Gen:Variant.Dropper.7
FireEye: Generic.mg.5f8da05965d27d3c
CAT-QuickHeal: Trojan.Oficla.T
McAfee: Spam-Mailbot.ab
Cylance: Unsafe
VIPRE: Gen:Variant.Dropper.7
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00199e331 )
Alibaba: Trojan:Win32/Oficla.a255d9e3
K7GW: Trojan ( 00199e331 )
Cybereason: malicious.965d27
BitDefenderTheta: AI:Packer.DE60304D1F
Cyren: W32/Trojan.YGPD-3160
Symantec: Trojan.Sasfis!gen3
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Oficla.IC
APEX: Malicious
ClamAV: Win.Trojan.GenericAD-1
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Dropper.7
NANO-Antivirus: Trojan.Win32.Drop.dezrht
Avast: Win32:DropperX-gen [Drp]
Tencent: Win32.Trojan.Oficla.Szmb
Ad-Aware: Gen:Variant.Dropper.7
TACHYON: Trojan/W32.Oficla.35328.D
Emsisoft: Gen:Variant.Dropper.7 (B)
Comodo: MalCrypt.Indus!@1qrzi1
Zillya: Trojan.Oficla.Win32.592
TrendMicro: TROJ_BAMITAL.SMH
McAfee-GW-Edition: Spam-Mailbot.ab
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-R + Troj/Mdrop-CVP
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Oficla.ce
Webroot: W32.Trojan.Trojan-Downloader-Ta
Google: Detected
Avira: TR/Drop.Agent.AX.6
Antiy-AVL: Trojan/Generic.ASMalwS.37EA
Microsoft: TrojanDropper:Win32/Oficla.T
Arcabit: Trojan.Dropper.7
ViRobot: Trojan.Win32.Oficla.35328.A
GData: Gen:Variant.Dropper.7
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Oficla.R1094
VBA32: BScope.Malware-Cryptor.Zbot.2413
ALYac: Gen:Variant.Dropper.7
MAX: malware (ai score=100)
TrendMicro-HouseCall: TROJ_BAMITAL.SMH
Rising: Trojan.Occamy!8.F1CD (TFE:3:IsqpEw3TkaG)
Yandex: Trojan.GenAsa!NSIcSOiS4C8
Ikarus: Trojan.Win32.Oficla
Fortinet: W32/Krypt.D!tr.dldr
AVG: Win32:DropperX-gen [Drp]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_90% (W)

How to remove TrojanDropper:Win32/Oficla.T?

TrojanDropper:Win32/Oficla.T removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
