Trojan:Win32/Meterpreter.O!MTB removal guide

Trojan:Win32/Meterpreter.O!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Meterpreter.O!MTB virus do?

  • Attempts to connect to a dead IP:Port (3 unique times)
  • Creates RWX memory
  • Performs some HTTP requests
  • Attempts to create or modify system certificates

Related domains:

upd23.vxux.icu
apps.identrust.com

How to identify Trojan:Win32/Meterpreter.O!MTB?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: MSPAINT
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7600.16385
FileDescription: Paint
OriginalFilename: MSPAINT.EXE
Translation: 0x0409 0x04b0

Trojan:Win32/Meterpreter.O!MTB is also known as:

Elastic: malicious (high confidence)
ClamAV: Win.Trojan.MSShellcode-6360728-0
ALYac: Trojan.CryptZ.Gen
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
BitDefender: Trojan.CryptZ.Gen
Cyren: W32/Swrort.B
ESET-NOD32: a variant of Win32/Rozena.CP
APEX: Malicious
Cynet: Malicious (score: 100)
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
MicroWorld-eScan: Trojan.CryptZ.Gen
Ad-Aware: Trojan.CryptZ.Gen
Sophos: Mal/EncPk-ACE
Comodo: TrojWare.Win32.Rozena.A@4jwdqr
F-Secure: Trojan.TR/Patched.Gen2
McAfee-GW-Edition: Swrort.d
FireEye: Generic.mg.3b91c0967be4ae92
Emsisoft: Trojan.CryptZ.Gen (B)
Avira: TR/Patched.Gen2
Microsoft: Trojan:Win32/Meterpreter.O!MTB
Arcabit: Trojan.CryptZ.Gen
GData: Trojan.CryptZ.Gen
McAfee: Swrort.d
MAX: malware (ai score=84)
Rising: HackTool.Swrort!1.6477 (CLASSIC)
Fortinet: W32/Swrort.C!tr

How to remove Trojan:Win32/Meterpreter.O!MTB?

Trojan:Win32/Meterpreter.O!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.