How to remove “Trojan:Win32/Redline.GNR!MTB”?

The Trojan:Win32/Redline.GNR!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Redline.GNR!MTB virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Trojan:Win32/Redline.GNR!MTB?


File Info:
name: A6963273C0BCA4FCBF2E.mlw
path: /opt/CAPEv2/storage/binaries/cdee3079c12333626708387be786ee18b97fbd902947e592484a49f5cbda11bc
crc32: 9353A4A4
md5: a6963273c0bca4fcbf2e54aab71df6a7
sha1: 2bb0bc3f126e788d6ba0c5cd1e53ce9b9f1e70b5
sha256: cdee3079c12333626708387be786ee18b97fbd902947e592484a49f5cbda11bc
sha512: 1e2f8319e3325f0e6e49942f232235a6f4716f3d9c1da1f12df741a37dba1f4c8ebe15af4213c8242d8336e06d710046aec66185caac6e7c3060b8a13462cbce
ssdeep: 24576:qxj2dASetf+BVzsGIoRj3cBWbOlee331P:xetf+BVzIwmVl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AD45AE2178C04071EEF320BE42EDBA2A426DD0B033165ADB16D957EFE6606C1BF36597
sha3_384: 9eb5c36e16a744a410cdc398680fbbe3442887a648c142bc737c0dc27b0f17c64c52677862bf66fdd459a9c3b94e0999
ep_bytes: e9ea280400e97b270700e95daf0400e9
timestamp: 2023-11-02 07:27:59

Version Info:
0: [No Data]

Trojan:Win32/Redline.GNR!MTB also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Zusy.517612
FireEye	Gen:Variant.Zusy.517612
Skyhigh	BehavesLike.Win32.Redline.th
BitDefender	Gen:Variant.Zusy.517612
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik.HUYH
APEX	Malicious
ClamAV	Win.Packed.Pwsx-10012424-0
Kaspersky	HEUR:Trojan-Spy.Win32.Stealer.gen
Rising	Backdoor.Agent!8.C5D (TFE:1:6GqAaQTPo2I)
Ikarus	Trojan.Win32.Redline
MAX	malware (ai score=82)
Google	Detected
Varist	W32/Kryptik.KNN.gen!Eldorado
Microsoft	Trojan:Win32/Redline.GNR!MTB
ZoneAlarm	HEUR:Trojan-Spy.Win32.Stealer.gen
GData	Gen:Variant.Zusy.517612
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.RedLine.C5535794
DeepInstinct	MALICIOUS
Panda	Trj/Genetic.gen
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Injector.ETFD!tr
BitDefenderTheta	Gen:NN.ZexaF.36792.hDW@a0XvGr
AVG	Win32:TrojanX-gen [Trj]
Avast	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Trojan:Win32/Redline.GNR!MTB?

Trojan:Win32/Redline.GNR!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X