What is “Trojan:Win32/Aptdrop.B”?

The Trojan:Win32/Aptdrop.B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Aptdrop.B virus can do?

Sample contains Overlay data
Presents an Authenticode digital signature
Unconventionial language used in binary resources: Korean
Authenticode signature is invalid

How to determine Trojan:Win32/Aptdrop.B?


File Info:
name: 1D7FD704FE4E41FEFF9E.mlw
path: /opt/CAPEv2/storage/binaries/77dfb4ac1cc7fd43f2e0b6a543a6502aa0c8019e7316d8e218b881ea028f3319
crc32: 800B42B5
md5: 1d7fd704fe4e41feff9e3a005ed868d6
sha1: 83ba2a77f39c94d8bd0199069b419cd419d7c87a
sha256: 77dfb4ac1cc7fd43f2e0b6a543a6502aa0c8019e7316d8e218b881ea028f3319
sha512: 6e87d4d7ee8794bd3dbbea15efc443b07721f39c76aada45e7113d13761b5338cef945d1e9bd9fc91e08a013759a6585548813be92cac718ccdd2661bd0f131a
ssdeep: 3072:HIaPjRPqQhNaBNi8O4InhJjFFWQsi0SDyNV1Qra:HbCQjtWI7sVGa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F1B3BF2176E0C072E0A7293018B4DBB25E7E79620678858B7BE8177E1F713D06B753DA
sha3_384: c6200c4dbd5d9400ddc37176189d5fa92df1f943d0ce9d6304f910e51e53a4b90bcb51a4d35f06d79a8f26e113f84262
ep_bytes: e87a350000e989feffff8bff558bec81
timestamp: 2015-09-11 22:02:41

Version Info:
CompanyName: Microsoft Windows(TM)
FileDescription: Windows Media Player Server
FileVersion: 6.1.0.7601
InternalName: wmp.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: wmp
ProductName: Dll Updater
ProductVersion: 6.1.0.7601
Translation: 0x0412 0x04b0

Trojan:Win32/Aptdrop.B also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Aptdrop.4!c
MicroWorld-eScan	Gen:Heur.Bodegun.8
FireEye	Gen:Heur.Bodegun.8
Skyhigh	Artemis
McAfee	Artemis!1D7FD704FE4E
Cylance	unsafe
Alibaba	Trojan:Win32/Aptdrop.ac66a4dc
CrowdStrike	win/malicious_confidence_60% (W)
Arcabit	Trojan.Bodegun.8
Symantec	Trojan.Gen.MBT
BitDefender	Gen:Heur.Bodegun.8
Avast	Win32:Malware-gen
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Aptdrop.royik
VIPRE	Gen:Heur.Bodegun.8
TrendMicro	TROJ_GEN.R002C0DLF23
Emsisoft	Gen:Heur.Bodegun.8 (B)
Ikarus	Trojan.Win32.Aptdrop
Google	Detected
Avira	TR/Aptdrop.royik
Antiy-AVL	Trojan/Win32.Aptdrop
Microsoft	Trojan:Win32/Aptdrop.B
ViRobot	Trojan.Win32.Agent.111856
GData	Gen:Heur.Bodegun.8
AhnLab-V3	Win-Trojan/Akdoor.Gen
BitDefenderTheta	Gen:NN.ZexaF.36802.gu2@aaf7ESiO
ALYac	Trojan.Bodegun.gen
MAX	malware (ai score=100)
Malwarebytes	Malware.AI.2577875643
TrendMicro-HouseCall	TROJ_GEN.R002C0DLF23
Rising	Trojan.Bitrep!8.F596 (CLOUD)
AVG	Win32:Malware-gen
Cybereason	malicious.4fe4e4
DeepInstinct	MALICIOUS

How to remove Trojan:Win32/Aptdrop.B?

Trojan:Win32/Aptdrop.B removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X