Trojan:Win32/Dridex!pz removal

Trojan:Win32/Dridex!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Dridex!pz virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan:Win32/Dridex!pz?


File Info:

name: 3AF392C7DB3954CF490E.mlw
path: /opt/CAPEv2/storage/binaries/d3759b753a3b7e178ced7ea22b65efcf2760d066e6814bb16a2704098837016a
crc32: 66C3F495
md5: 3af392c7db3954cf490e531adecf899f
sha1: 6e8cce54c2eb9f496dd3741f506ab58a7daeee21
sha256: d3759b753a3b7e178ced7ea22b65efcf2760d066e6814bb16a2704098837016a
sha512: eb4e236048323975220d79bc055af0cf379ea0f85c9f86efdc7cc0a1dc09575b5e96bb8f642f29ac63ee8a4a52d4ee54fc74e5839eff8f7e446185cd51de66ef
ssdeep: 192:yKHKJyNY4p/hafughya6q8d5wMzOC04Z8p6by6MIz2WzwB:ytJkTha/hya6pd5dz6S8pPbx
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T13162D667336142E0E18482741A8ACFB33F6F6D323605610FBF8856AC3534B744A8766F
sha3_384: e07679e7728376b8d643b924e3fda1b09fac3265aa8f9649da659a881a8f55ef4d2932af25b53ae67ee414347aacccba
ep_bytes: 5589e581ec2c01000060837d0c010f85
timestamp: 2020-05-18 13:44:56

Version Info:

FileDescription: MODULE 14(018) Ford delphi DCM 3.5 CAN
CompanyName: MMC flasher
LegalCopyright: All rights reserved
ProductVersion: 10.018
Translation: 0x0409 0x0000

Trojan:Win32/Dridex!pz also known as:

Lionic: Trojan.Win32.Malicious.4!c
Elastic: malicious (high confidence)
FireEye: Generic.mg.3af392c7db3954cf
Skyhigh: BehavesLike.Win32.Generic.lm
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: Trojan:Win32/Cerbu.c6d683e9
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
APEX: Malicious
ClamAV: Win.Malware.Cerbu-9822884-0
Avast: Win32:Malware-gen
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
Google: Detected
Varist: W32/Cerbu.S.gen!Eldorado
Antiy-AVL: Trojan/Win32.Dridex
Kingsoft: malware.kb.a.972
Microsoft: Trojan:Win32/Dridex!pz
GData: Win32.Trojan.PSE.15W2GO5
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R364055
McAfee: GenericRXGY-GH!3AF392C7DB39
Malwarebytes: Generic.Malware.AI.DDS
Rising: Trojan.Generic@AI.82 (RDMK:jk7qHSpRyPhNNRIrmJhaXA)
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.188464985.susgen
Fortinet: W32/Agent.B7DE!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/Dridex!pz?

Trojan:Win32/Dridex!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
