About “Trojan:Win32/Meterpreter!pz” infection

Malware Removal

Trojan:Win32/Meterpreter!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/Meterpreter!pz virus do?

  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan:Win32/Meterpreter!pz?

File Info:

name: 4A3913311D5D2DCF5C6A.mlw
path: /opt/CAPEv2/storage/binaries/9a4834b3a39f71a317448a02367c3452752dc338b9520aaa77ed723d5afeed09
crc32: 5FE8D38A
md5: 4a3913311d5d2dcf5c6ad77c79c0e718
sha1: ecd7724a7812030a15ff47f2dcc62ee62afea32a
sha256: 9a4834b3a39f71a317448a02367c3452752dc338b9520aaa77ed723d5afeed09
sha512: 6289830a346189e01f8a1307f7213224a411064c897111596ed6a20207df18842e8970abaf942a52fd9a40bcd8998e3dd7b86b4432833f9bb3a7eeeddf59e228
ssdeep: 768:ISarBEwFkHQ4mhLUtJxDaP5ImidyQfms+k5HFbuTWfCejBHqCq3:IZrBXFX4aUBaP5IdDfmsxxhuIXBdq3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13223F1802EFA6626D2733734227E1B60C65A7E7CFC3AD32E47BA399A00357494C48356
sha3_384: e62dabc1dbc6b941b6d5d5c77701db421f7903be824609a12f1374718c6311c5ddcaa1c6c62757b9e3bddf7be2daa3dd
ep_bytes: 60be00d040008dbe0040ffff5783cdff
timestamp: 2009-03-31 05:15:57

Version Info:

Comments: Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
CompanyName: Apache Software Foundation
FileDescription: ApacheBench command line utility
FileVersion: 2.2.14
InternalName: ab.exe
LegalCopyright: Copyright 2009 The Apache Software Foundation.
OriginalFilename: ab.exe
ProductName: Apache HTTP Server
ProductVersion: 2.2.14
Translation: 0x0409 0x04b0

Trojan:Win32/Meterpreter!pz is also known as (vendor: detection name):

  • Bkav: W32.AIDetectMalware
  • Elastic: malicious (moderate confidence)
  • MicroWorld-eScan: Generic.ShellCode.Marte.3.557B9CFC
  • CAT-QuickHeal: Trojan.Swrort.A
  • Skyhigh: Swrort.d
  • McAfee: GenericRXAA-AA!4A3913311D5D
  • Malwarebytes: Generic.Malware.AI.DDS
  • Zillya: Trojan.RozenaGen.Win32.2
  • Sangfor: Trojan.Win32.Save.a
  • CrowdStrike: win/malicious_confidence_100% (W)
  • Symantec: Packed.Generic.347
  • ESET-NOD32: a variant of Win32/Rozena.AA
  • APEX: Malicious
  • ClamAV: Win.Trojan.Swrort-5710536-0
  • Kaspersky: HEUR:Trojan.Win32.Generic
  • BitDefender: Generic.ShellCode.Marte.3.557B9CFC
  • NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
  • Avast: Win32:Evo-gen [Trj]
  • Tencent: Trojan.Win32.Metasploit_heur.16000690
  • Emsisoft: Generic.ShellCode.Marte.3.557B9CFC (B)
  • Google: Detected
  • F-Secure: Trojan.TR/Crypt.ZPACK.Gen
  • VIPRE: Generic.ShellCode.Marte.3.557B9CFC
  • TrendMicro: Backdoor.Win32.SWRORT.SMAL01
  • Trapmine: malicious.high.ml.score
  • FireEye: Generic.mg.4a3913311d5d2dcf
  • Sophos: Mal/Generic-S
  • SentinelOne: Static AI – Malicious PE
  • Varist: W32/Swrort.B.gen!Eldorado
  • Avira: TR/Crypt.ZPACK.Gen
  • MAX: malware (ai score=84)
  • Antiy-AVL: Trojan/Win32.Rozena
  • Microsoft: Trojan:Win32/Meterpreter!pz
  • Xcitium: TrojWare.Win32.Rozena.A@4jwdqr
  • Arcabit: Generic.ShellCode.Marte.3.557B9CFC
  • ZoneAlarm: HEUR:Trojan.Win32.Generic
  • GData: Win32.Trojan.PSE.12141ZK
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Backdoor/Win32.Bifrose.R12476
  • BitDefenderTheta: Gen:NN.ZexaF.36802.cmKfay!fPJli
  • ALYac: Generic.ShellCode.Marte.3.557B9CFC
  • VBA32: Trojan.Swrort
  • Cylance: unsafe
  • Panda: Trj/Genetic.gen
  • TrendMicro-HouseCall: Backdoor.Win32.SWRORT.SMAL01
  • Rising: HackTool.Swrort!1.6477 (CLASSIC)
  • Ikarus: Trojan.Agent
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: W32/Rozena.ABV!tr
  • AVG: Win32:Evo-gen [Trj]
  • Cybereason: malicious.11d5d2
  • DeepInstinct: MALICIOUS

How to remove Trojan:Win32/Meterpreter!pz?

Trojan:Win32/Meterpreter!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
