How to remove “Trojan:Win32/Dofoil.ASN!MTB”?

The Trojan:Win32/Dofoil.ASN!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Dofoil.ASN!MTB virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Trojan:Win32/Dofoil.ASN!MTB?


File Info:
name: 9065E9CD6AC6B547DCFD.mlw
path: /opt/CAPEv2/storage/binaries/9a7a9df4dfa658e055c72e1014ee957f4653e34675dbba4b8f182f087e3ad253
crc32: BE0B667C
md5: 9065e9cd6ac6b547dcfddb5843f7c593
sha1: be04d1f49c2cdf18882410966d8cb47071f6941d
sha256: 9a7a9df4dfa658e055c72e1014ee957f4653e34675dbba4b8f182f087e3ad253
sha512: 3738c815ca90de0f045d81e0758ad5708bc302a7582ec655974536d3806e3c6703d8f59e86ce04da74ba880bacf015d334a7cf20ff27b5407804362137ff8ee0
ssdeep: 1536:U/aYdXY5SUAqLl6b8r6Cosub0+3U9hBRZl3Z3hkrYxIooyFi0jVxEeoXdr2DzC+:UCYS5Sul6b8et/e3l3Z8YxITyHJx3f
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T124F3C00373C18C56E0250A318952CBBC97B5BD60EAA2425773D47F9FFDB6290AD36B09
sha3_384: 41c63124c230f053d82df06d96fda7692e8c7a47aed216b8ae6a00960dc8be0db9daf7da9abe16d6f2290c91169803e3
ep_bytes: 00000000000000000000000000000000
timestamp: 2013-04-22 19:35:33

Version Info:
0: [No Data]

Trojan:Win32/Dofoil.ASN!MTB also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
CAT-QuickHeal	TrojanDropper.Gepys.A
Skyhigh	BehavesLike.Win32.RAHack.ch
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.49c2cd
Baidu	Win32.Trojan.Kryptik.ef
Symantec	ML.Attribute.HighConfidence
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Dofoil-10011286-0
Avast	Win32:Dofoil-CX [Trj]
TrendMicro	TROJ_GEN.R03BC0DAL24
Sophos	ML/PE-A
Ikarus	Trojan.Win32.Agent
GData	Win32.Trojan.Agent.N5D7DH
Jiangmin	Exploit.CVE-2015-2387.gn
Varist	W32/Gepys.BI.gen!Eldorado
Antiy-AVL	Trojan/Win32.Zbot
Kingsoft	malware.kb.a.1000
Microsoft	Trojan:Win32/Dofoil.ASN!MTB
Google	Detected
Acronis	suspicious
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R03BC0DAL24
Rising	Trojan.Generic@AI.100 (RDML://o71S8Pt4Spx80R5LZ9sg)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:Dofoil-CX [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Dofoil.ASN!MTB?

Trojan:Win32/Dofoil.ASN!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X