
Trojan:Win32/Stelega.RMA!MTB information


Trojan:Win32/Stelega.RMA!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Stelega.RMA!MTB virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan:Win32/Stelega.RMA!MTB?

File Info:

name: 17A64B54E98B0576327B.mlw
path: /opt/CAPEv2/storage/binaries/e6c60c1267d921bef4a1d748bff36451889b1f27200e75d87b4a685cd69bbb38
crc32: BD448854
md5: 17a64b54e98b0576327b5f55bd10b31e
sha1: 70ca7d800f37d84b9717a86907ce1ec620a1c9e8
sha256: e6c60c1267d921bef4a1d748bff36451889b1f27200e75d87b4a685cd69bbb38
sha512: f8e949530a33014f91618ced0d009b01d615b0ac11ae9d5dbd8a541fc395a5d560ab46104ab6ba85d0d4eb449ef3cd25dbdc6caf6273a92e2de0f973aac5fdd0
ssdeep: 12288:hZHfwjHf7McVGoZg4haHyVZDfykmgM+ZppeIqc3kHf1nRh:h5fi/oco67haHyvDKl+ZGDc3k/1nRh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CF055CE0B4DEA51BF337C875F228E2C5F5E87871AE1DA0BF76A5A5B404B17C00505B2A
sha3_384: 5c704dcab5606dbc9684ef885eb74d7823b29627ce1cc74957d69cd8757cbfee36924d8fe163189b2e8bfc9525286bd9
ep_bytes: 8d43f86853664b00ff15a507460089c3
timestamp: 2021-11-16 01:36:47

Version Info:

FileVersion: 1, 3, 8, 6
Comments: Zoolater
InternalName: Tenosuture
CompanyName: Rupicaprine
LegalTrademarks: Nubilate
OriginalFilename: Phosphocarnic
PrivateBuild: Unroyalist
Translation: 0x0409 0x04e4

Trojan:Win32/Stelega.RMA!MTB also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Multi.Generic.4!c
tehtris: PUP.Optional.IObit/iobit/PUP.O
Cynet: Malicious (score: 100)
McAfee: Artemis!17A64B54E98B
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.3627381
Sangfor: Trojan.Win32.Kryptik.HNIL
K7AntiVirus: Trojan ( 0058a8091 )
Alibaba: Trojan:Win32/Kryptik.b9107f1c
K7GW: Trojan ( 0058a8091 )
Cybereason: malicious.00f37d
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HNIL
APEX: Malicious
Paloalto: generic.ml
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Trojan.Generic.31393460
MicroWorld-eScan: Trojan.Generic.31393460
Avast: Win32:TrojanX-gen [Trj]
Tencent: Win32.Trojan.Falsesign.Dzkg
Ad-Aware: Trojan.Generic.31393460
Sophos: Mal/Generic-S
Comodo: Malware@#ep6js14gmdem
F-Secure: Trojan.TR/AD.MeterpreterSC.lfdkx
DrWeb: Program.Unwanted.2520
VIPRE: Trojan.Generic.31393460
TrendMicro: TROJ_GEN.F0CBC0ULN21
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.17a64b54e98b0576
Emsisoft: Trojan.Crypt (A)
Ikarus: Trojan.Win32.Crypt
GData: Win32.Application.iObit.B
Webroot: W32.Trojan.Gen
Avira: TR/AD.MeterpreterSC.lfdkx
Antiy-AVL: Trojan/Generic.ASMalwS.50E8
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Arcabit: Trojan.Generic.D1DF06B4
ZoneAlarm: UDS:DangerousObject.Multi.Generic
Microsoft: Trojan:Win32/Stelega.RMA!MTB
AhnLab-V3: Trojan/Win.Sabsik.C4774892
VBA32: BScope.Trojan.SelfDel
ALYac: Trojan.Generic.31393460
MAX: malware (ai score=99)
Malwarebytes: Spyware.PasswordStealer
TrendMicro-HouseCall: TROJ_GEN.F0CBC0ULN21
Rising: Trojan.Generic@AI.100 (RDML:GMuiZWKAIfqblOU+AncjLg)
Yandex: Trojan.Cryptor!9sbNqaXL2VE
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.1728101.susgen
Fortinet: W32/Kryptik.HNIE!tr
AVG: Win32:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Stelega.RMA!MTB?

Trojan:Win32/Stelega.RMA!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
