What is “Trojan:Win32/Tropid!rts”?

Trojan:Win32/Tropid!rts is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Tropid!rts virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Modifies Image File Execution Options, indicative of process injection or persistence
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan:Win32/Tropid!rts?


File Info:

name: B9E51C55F88E3CC18269.mlw
path: /opt/CAPEv2/storage/binaries/5fc9af1480058dac3aab0255a733253ba1266f22a0f17b928c3a6eb0367f9324
crc32: 56028EF0
md5: b9e51c55f88e3cc18269e86c0a2ca5dc
sha1: 17a56d304010e16fd47881e1f3718062a0d29a1f
sha256: 5fc9af1480058dac3aab0255a733253ba1266f22a0f17b928c3a6eb0367f9324
sha512: 6ed712484df2897538c731f8ee228cdd8830d6c06910ed3f90f200cc0281e8ffb25e1c0f9cc9f0aae41738d17917c205947bad4073f787f67424891c0c787fce
ssdeep: 768:xkM26nEeIlnqy+BS/XMSv19PIC8KoQ4zU0diQIIwX/0iYR:xPECI/8u9QlG4zndIhP0iYR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15993BC112BFA2119F3B2BEF08B79DA586A37BCA58C27C51E11508D4D01B1D62DCB1B7B
sha3_384: a0aee53f7d97af75be742f61adcc0f849ee07d4bbf98407eaedfe9a3e28b3d21dc815c1143ddc92f7f0a1ceb8273829b
ep_bytes: 68941d4000e8f0ffffff000000000000
timestamp: 2006-11-26 17:30:20

Version Info:

Translation: 0x0804 0x04b0
CompanyName: 修复360安全卫士
ProductName: fuck
FileVersion: 1.00
ProductVersion: 1.00
InternalName: smsss
OriginalFilename: smsss.exe

Trojan:Win32/Tropid!rts also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.KillAV.4!c
AVG: Win32:Trojan-gen
Elastic: malicious (high confidence)
MicroWorld-eScan: DeepScan:Generic.Malware.PfYPk!1g.00F1FBA4
Skyhigh: BehavesLike.Win32.Generic.nt
McAfee: Artemis!B9E51C55F88E
Malwarebytes: Malware.AI.3801344978
VIPRE: DeepScan:Generic.Malware.PfYPk!1g.00F1FBA4
Sangfor: Suspicious.Win32.Save.vb
Alibaba: Trojan:Win32/KillAV.7b61f4f1
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: Trojan.KillAV
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/VB.OLP
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.Killav-832
Kaspersky: Trojan.Win32.KillAV.dxd
BitDefender: DeepScan:Generic.Malware.PfYPk!1g.00F1FBA4
NANO-Antivirus: Trojan.Win32.KillAV.bvcdls
Avast: Win32:Trojan-gen
Rising: Malware.Undefined!8.C (TFE:4:9gnZeArEK8I)
Emsisoft: DeepScan:Generic.Malware.PfYPk!1g.00F1FBA4 (B)
F-Secure: Trojan.TR/Dropper.Gen
Zillya: Trojan.KillAV.Win32.1715
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.b9e51c55f88e3cc1
Sophos: Mal/Behav-109
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/KillAV.egb
Avira: TR/Dropper.Gen
MAX: malware (ai score=99)
Antiy-AVL: Trojan/Win32.KillAV
Kingsoft: malware.kb.a.999
Microsoft: Trojan:Win32/Tropid!rts
Xcitium: Malware@#1trn7eqshv6ii
Arcabit: DeepScan:Generic.Malware.PfYPk!1g.00F1FBA4
ViRobot: Trojan.Win32.KillAV.94208.B
ZoneAlarm: Trojan.Win32.KillAV.dxd
GData: DeepScan:Generic.Malware.PfYPk!1g.00F1FBA4
Google: Detected
ALYac: DeepScan:Generic.Malware.PfYPk!1g.00F1FBA4
TACHYON: Trojan/W32.VB-KillAV.94208
Cylance: unsafe
Panda: Generic Malware
Tencent: Malware.Win32.Gencirc.13ad6936
Ikarus: Trojan.Win32.VB
MaxSecure: Trojan.Malware.3677239.susgen
Fortinet: W32/KillAV.DXD!tr
BitDefenderTheta: AI:Packer.1FFA11971C
Cybereason: malicious.5f88e3
DeepInstinct: MALICIOUS
alibabacloud: Trojan[dropper]:Win/KillAV.dxd

How to remove Trojan:Win32/Tropid!rts?

Trojan:Win32/Tropid!rts removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
