Trojan

Trojan:Win32/Redline.GNQ!MTB malicious file

Malware Removal

Trojan:Win32/Redline.GNQ!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/Redline.GNQ!MTB virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan:Win32/Redline.GNQ!MTB?

File Info:

name: D7B161A538AFE15C0AC6.mlw
path: /opt/CAPEv2/storage/binaries/42ac91034b7dd765d141e36697f1d833511cdbc78b4d1e8ad300aed8ee839690
crc32: 5FC23910
md5: d7b161a538afe15c0ac6809189548f1b
sha1: 78ac36bf26c510831d3b449e81d754097cfd3461
sha256: 42ac91034b7dd765d141e36697f1d833511cdbc78b4d1e8ad300aed8ee839690
sha512: c4b3bdb79004be6080c10ce606caa2c75284e5aaf5de94a165c6444c79d3d7f3f61a615d914be072452dba9f61ef0d0971ea6bbeaf4070ca661e4211fe719a20
ssdeep: 12288:HqvGzXTzHzaLNwjqcll4vplWtDO4sJKChJj6uZurysy2VpSQFGd:koHzaLNwjqclaa4zJKCh0VpSQFG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T198156D2178C4A072EEF320BB86ECB63542ADD4B4071556DB06DB17EED6606C27F32786
sha3_384: 8cafdd3b13deb583560c843065f9abc14d59b4f77884e1388e2ace822d658141a1ae2b57431ce29ce6485432aad37c95
ep_bytes: e966e80300e9be2d0600e9f06e0400e9
timestamp: 2023-11-01 07:30:12

Version Info:

0: [No Data]

Trojan:Win32/Redline.GNQ!MTB is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.Generic.cm
Malwarebytes: Trojan.Injector
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HUYH
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Pwsx-10012424-0
Kaspersky: HEUR:Trojan-PSW.Win32.Stealerc.gen
Rising: Backdoor.Agent!8.C5D (TFE:5:fKpFrkIy1XD)
Sophos: Troj/Krypt-ABY
Ikarus: Trojan.Win32.Redline
Varist: W32/Kryptik.KYF.gen!Eldorado
Microsoft: Trojan:Win32/Redline.GNQ!MTB
ZoneAlarm: HEUR:Trojan-PSW.Win32.Stealerc.gen
Google: Detected
AhnLab-V3: Trojan/Win.RedLine.R619460
DeepInstinct: MALICIOUS
Panda: Trj/Genetic.gen
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Kryptik.HUYH!tr
BitDefenderTheta: Gen:NN.ZexaF.36792.2yW@amNPFdb
AVG: PWSX-gen [Trj]
Avast: PWSX-gen [Trj]

How to remove Trojan:Win32/Redline.GNQ!MTB?

Trojan:Win32/Redline.GNQ!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.