What is “Trojan:Win32/Redline.GNR!MTB”?

Many security experts consider Trojan:Win32/Redline.GNR!MTB dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/Redline.GNR!MTB virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan:Win32/Redline.GNR!MTB?


File Info:

name: A739F323A29C3E0E6947.mlw
path: /opt/CAPEv2/storage/binaries/489e9ab8043fb9302516032008b06fda30b2cc55e808b5edbcf9ccfd97d78580
crc32: 288D6A28
md5: a739f323a29c3e0e6947ca58f583e5c1
sha1: 29b53ac07acd33ebe643ac56b31fe3cf9d63bacb
sha256: 489e9ab8043fb9302516032008b06fda30b2cc55e808b5edbcf9ccfd97d78580
sha512: 275d3e9f0e345413c5aef04eb9bec2daebaffb2c37fc5faca6967c3f26f08062219485f0f1a7b809c89d8535a26108233c144ac535d713035a295cfb12c3eb5f
ssdeep: 12288:6bcLLI2dAClBItf+BVPfbqlHYBP3lq7bmxoRj3ccZRrpu9cdT0V0NpwhmFv:HLM2dACotf+BVnz8IoRj3ccfbgmF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DD457D3035804172DEBEE4F546ACFB5396BE80B0076125CB83F816EE9758AC6EB37552
sha3_384: 8b1f5a505d32f11cee494160574de09e19b6e9b9371b3bb9a4057bbfbe0cdf6513c1e3f46a144120abdfc67361e5e4ea
ep_bytes: e9ea280400e97b270700e95daf0400e9
timestamp: 2023-11-02 06:25:58

Version Info:

0: [No Data]

Trojan:Win32/Redline.GNR!MTB also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.Redline.th
CrowdStrike: win/malicious_confidence_60% (D)
BitDefenderTheta: Gen:NN.ZexaF.36792.kDW@aGoPgzc
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HUYH
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Pwsx-10012424-0
Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
Rising: Backdoor.Agent!8.C5D (TFE:1:6GqAaQTPo2I)
Ikarus: Trojan.Win32.Redline
Varist: W32/Kryptik.KNN.gen!Eldorado
Microsoft: Trojan:Win32/Redline.GNR!MTB
ZoneAlarm: HEUR:Trojan-Spy.Win32.Stealer.gen
Google: Detected
AhnLab-V3: Trojan/Win.RedLine.C5535794
DeepInstinct: MALICIOUS
Panda: Trj/Genetic.gen
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Injector.ETFD!tr
AVG: Win32:TrojanX-gen [Trj]
Avast: Win32:TrojanX-gen [Trj]

How to remove Trojan:Win32/Redline.GNR!MTB?

Trojan:Win32/Redline.GNR!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
