Trojan:Win32/Kovter.E removal tips

Trojan:Win32/Kovter.E is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Kovter.E virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • At least one process apparently crashed during execution
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan:Win32/Kovter.E?


File Info:

name: 420798A8CE926E37D049.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2015-01-05 16:24:09

Version Info:

0: [No Data]

Trojan:Win32/Kovter.E also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.mfrs
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.121726
FireEye: Generic.mg.420798a8ce926e37
CAT-QuickHeal: Ransomware.LockScreen.AO3
ALYac: Gen:Variant.Zusy.121726
Cylance: Unsafe
VIPRE: Gen:Variant.Zusy.121726
Sangfor: Trojan.Win32.Kovter.8
K7AntiVirus: Trojan ( 0055dd191 )
BitDefender: Gen:Variant.Zusy.121726
K7GW: Trojan ( 0055dd191 )
Cybereason: malicious.8ce926
BitDefenderTheta: Gen:NN.ZexaF.34582.xqZ@aidcoGj
VirIT: Trojan.Win32.Crypt_s.HUS
Cyren: W32/S-fae91196!Eldorado
Symantec: Ransom.Kovter
tehtris: Generic.Malware
ESET-NOD32: Win32/Kovter.A
APEX: Malicious
ClamAV: Win.Trojan.Jaik-9753951-0
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Kovter.dlpwuz
Rising: Trojan.Generic@AI.85 (RDML:HvkK2QO537TpPMKFrl7B9Q)
Ad-Aware: Gen:Variant.Zusy.121726
Sophos: ML/PE-A
Comodo: TrojWare.Win32.Spy.Zbot.AKH@5iwr2o
DrWeb: Trojan.Kovter.15
Zillya: Trojan.Inject.Win32.158587
TrendMicro: TSPY_KOVTER.SMA
McAfee-GW-Edition: Trojan-FFMY!420798A8CE92
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Variant.Zusy.121726 (B)
Ikarus: Trojan.Win32.Kovter
GData: Gen:Variant.Zusy.121726
Jiangmin: Trojan/Inject.avqg
Webroot: W32.Rogue.Gen
Avira: HEUR/AGEN.1222605
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Generic.ASMalwS.330C
Arcabit: Trojan.Zusy.D1DB7E
SUPERAntiSpyware: Trojan.Agent/Gen-Kovter
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Kovter.E
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.MDA.R131385
McAfee: Trojan-FFMY!420798A8CE92
VBA32: Trojan.Inject
Malwarebytes: Malware.AI.3789368035
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TSPY_KOVTER.SMA
Tencent: Malware.Win32.Gencirc.10c2c179
Yandex: Trojan.GenAsa!UkNTl32dya0
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Kryptik.EUMB!tr
AVG: Win32:GenMalicious-BIN [Trj]
Avast: Win32:GenMalicious-BIN [Trj]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Trojan:Win32/Kovter.E?

Trojan:Win32/Kovter.E removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.