What is “Trojan:Win32/Glupteba.MH!MTB”?

Many security experts consider Trojan:Win32/Glupteba.MH!MTB dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Glupteba.MH!MTB virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Detects Sandboxie through the presence of a library
  • Detects Avast Antivirus through the presence of a library
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Trojan:Win32/Glupteba.MH!MTB?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translations: 0x0155 0x0257

Trojan:Win32/Glupteba.MH!MTB also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.44538636
FireEye: Generic.mg.efc007fbd6297489
CAT-QuickHeal: Backdoor.Agent
McAfee: RDN/GenericM
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Trojan-Downloader ( 0052b9881 )
BitDefender: Trojan.GenericKD.44538636
K7GW: Trojan-Downloader ( 0052b9881 )
Cybereason: malicious.217777
Cyren: W32/Wacatac.CH.gen!Eldorado
Symantec: Trojan.Gen.2
TrendMicro-HouseCall: Trojan.Win32.GLUPTEBA.THKAHBO
Avast: Win32:CrypterX-gen [Trj]
ClamAV: Win.Dropper.Glupteba-9798130-0
Kaspersky: HEUR:Backdoor.Win32.Agent.gen
Alibaba: TrojanDownloader:Win32/Glupteba.3cabcb9c
ViRobot: Trojan.Win32.S.Agent.125952.NL
AegisLab: Trojan.Win32.Agent.m!c
Rising: Trojan.Kryptik!1.CF2B (CLASSIC)
Ad-Aware: Trojan.GenericKD.44538636
Emsisoft: Trojan.GenericKD.44538636 (B)
F-Secure: Trojan.TR/AD.Behavior.fqgnr
DrWeb: Trojan.Siggen11.26445
TrendMicro: Trojan.Win32.GLUPTEBA.THKAHBO
McAfee-GW-Edition: BehavesLike.Win32.Emotet.cc
Sophos: Mal/Generic-S + Troj/Agent-BGAZ
Ikarus: Trojan.Inject
MaxSecure: Trojan.Malware.9530778.susgen
Avira: TR/AD.Behavior.fqgnr
MAX: malware (ai score=100)
Kingsoft: Win32.Hack.Undef.(kcloud)
Microsoft: Trojan:Win32/Glupteba.MH!MTB
Gridinsoft: Trojan.Win32.Downloader.oa
Arcabit: Trojan.Generic.D2A79B0C
ZoneAlarm: HEUR:Backdoor.Win32.Agent.gen
GData: Trojan.GenericKD.44538636
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Glupteba.R355786
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34634.hqW@aWURrojO
ALYac: Trojan.SmokeLoader
VBA32: BScope.Trojan.Download
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/GdSda.A
APEX: Malicious
ESET-NOD32: Win32/TrojanDownloader.Zurgop.DA
Yandex: Trojan.Igent.bUPCID.7
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_86%
Fortinet: W32/Agent.5F5C!tr
Webroot: W32.Trojan.Gen
AVG: Win32:CrypterX-gen [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Generic/HEUR/QVM10.2.572B.Malware.Gen

How to remove Trojan:Win32/Glupteba.MH!MTB?

Trojan:Win32/Glupteba.MH!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
