Trojan:Win32/Glupteba.B!MTB (file analysis)

Trojan:Win32/Glupteba.B!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Glupteba.B!MTB virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine Trojan:Win32/Glupteba.B!MTB?


File Info:

name: 6D6A9B81AC8F9E7D7E59.mlw
path: /opt/CAPEv2/storage/binaries/9de2581a3aeb375c38c2c146c151ec63ca2115fbf1eb277ecfcb68e96ce0a7ba
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-09-01 04:56:20

Version Info:

FileVersion: 7.2.1.1
LegalCopyright: Copyright © 2020
ProductVersion: 7.2.1.1
Translation: 0x0409 0x04b0

Trojan:Win32/Glupteba.B!MTB also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Kepiten.trmL
AVG: Win32:TrojanX-gen [Trj]
MicroWorld-eScan: Gen:Variant.Razy.553929
FireEye: Generic.mg.6d6a9b81ac8f9e7d
CAT-QuickHeal: Trojan.IgenericRI.S12473364
Skyhigh: BehavesLike.Win32.Lockbit.hc
McAfee: GenericRXHS-AA!6D6A9B81AC8F
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0056559e1 )
Alibaba: Trojan:Win32/Glupteba.11b
K7GW: Trojan ( 0056559e1 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: AI:Packer.1F7005C01F
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Glupteba.BC
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: Trojan.Win32.Kepiten.a
BitDefender: Gen:Variant.Razy.553929
NANO-Antivirus: Trojan.Win32.Kepiten.huxaxl
SUPERAntiSpyware: Trojan.Agent/Gen-Glupteba
Avast: Win32:TrojanX-gen [Trj]
Tencent: Malware.Win32.Gencirc.10b49610
Emsisoft: Gen:Variant.Razy.553929 (B)
F-Secure: Trojan.TR/AD.Glupteba.BT
DrWeb: Trojan.SpyBot.961
Zillya: Trojan.Kepiten.Win32.1909
TrendMicro: TROJ_GEN.R002C0DBH24
Trapmine: malicious.high.ml.score
Sophos: Troj/Glupteba-M
Ikarus: Trojan.Win32.Glupteba
GData: Win32.Trojan.PSE.FPK76K
Jiangmin: Trojan.Kepiten.a
Varist: W32/S-3ebf0797!Eldorado
Avira: TR/AD.Glupteba.BT
Antiy-AVL: Trojan/Win32.Glupteba
Kingsoft: malware.kb.a.999
Xcitium: Malware@#3omlfx7jmwbi2
Arcabit: Trojan.Razy.D873C9
ViRobot: Trojan.Win.Z.Glupteba.549376.DY
ZoneAlarm: Trojan.Win32.Kepiten.a
Microsoft: Trojan:Win32/Glupteba.B!MTB
Google: Detected
AhnLab-V3: Malware/Win32.Generic.R332075
VBA32: BScope.TrojanProxy.Glupteba
ALYac: Gen:Variant.Razy.553929
MAX: malware (ai score=81)
Malwarebytes: Trojan.Glupteba
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0DBH24
Rising: Trojan.Glupteba!1.BC88 (CLASSIC)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Glupteba.B!tr
Cybereason: malicious.1ac8f9
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Glupteba.BC

How to remove Trojan:Win32/Glupteba.B!MTB?

Trojan:Win32/Glupteba.B!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
