Trojan:Win32/Vidar.AMS!MTB information

Trojan:Win32/Vidar.AMS!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Vidar.AMS!MTB virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the SystemBC Socks malware family
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Trojan:Win32/Vidar.AMS!MTB?


File Info:

name: 266C50DA167D32579179.mlw
path: /opt/CAPEv2/storage/binaries/8937a9bd1a16cbb5a07e779b8d51f88a41830350cb0ed9a004bb43bd2d125f75
crc32: 694FF4DA
md5: 266c50da167d32579179dda5dc69e3a1
sha1: a06c039a5625a41237706aeeac61e57823d2e3ab
sha256: 8937a9bd1a16cbb5a07e779b8d51f88a41830350cb0ed9a004bb43bd2d125f75
sha512: ea508550bb8b4300d9e4acec72ce9cab293b337d926ed97afe5e71bbb4daf92454a4f22d4e65c582e656e9d5344953bb1b2864a9decf94d9cd35cd5c94b3f222
ssdeep: 12288:TeC3CZ/dn53l3lYZDGR2vK/BY3nLkpVpnG6kzX:i+m33l3lYZE2C/zG5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10A360732BFA0742ED36216FB5B76C277482579CC292FD4753AD41B4ECAE434327252A2
sha3_384: b8b8fc637cecd50e772bef3a54c3eca81a5aaa2a2cd60d86a6fee61fc5804587ac1be5c983996da72fd2dc2cf2e75235
ep_bytes: 558bec83c4ec33c08945ecb8cc264700
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: 360safe.com
FileDescription: Crash Report
FileVersion: 8, 6, 0, 1000
InternalName: DumpUper.exe
LegalCopyright: Copyright (C) 2015
OriginalFilename: DumpUper.exe
ProductName: 360 Total Security
ProductVersion: 8, 6, 0, 1000
Translation: 0x0409 0x04b0

Trojan:Win32/Vidar.AMS!MTB also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Bsymem.4!c
MicroWorld-eScan: Gen:Variant.Zusy.478052
FireEye: Gen:Variant.Zusy.478052
ALYac: Gen:Variant.Zusy.478052
Cylance: unsafe
Sangfor: Trojan.Win32.Bsymem.V51n
K7AntiVirus: Trojan ( 005a8ec91 )
Alibaba: Trojan:Win32/Bsymem.8a8aee95
K7GW: Trojan ( 005a8ec91 )
Cyren: W32/ABRisk.DRSY-8415
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.GMAU
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan.Win32.Bsymem.gen
BitDefender: Gen:Variant.Zusy.478052
Tencent: Malware.Win32.Gencirc.10bf0bb0
TACHYON: Trojan/W32.DP-Bsymem.5047808
Emsisoft: Gen:Variant.Zusy.478052 (B)
F-Secure: Trojan.TR/AD.Coroxy.ergsz
VIPRE: Gen:Variant.Zusy.478052
TrendMicro: Backdoor.Win32.SYSTEMBC.YXDGUZ
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
GData: Gen:Variant.Zusy.478052
Avira: TR/AD.Coroxy.ergsz
Antiy-AVL: Trojan/Win32.Bsymem
Arcabit: Trojan.Zusy.D74B64
ZoneAlarm: HEUR:Trojan.Win32.Bsymem.gen
Microsoft: Trojan:Win32/Vidar.AMS!MTB
Google: Detected
AhnLab-V3: Trojan/Win.CrypterX-gen.C5457868
McAfee: Artemis!266C50DA167D
MAX: malware (ai score=84)
DeepInstinct: MALICIOUS
Malwarebytes: Malware.AI.1899886792
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: Backdoor.Win32.SYSTEMBC.YXDGUZ
Rising: Trojan.Bsymem!8.FAE7 (TFE:3:NeRRuyY8ThO)
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.73746529.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:CrypterX-gen [Trj]
Avast: Win32:CrypterX-gen [Trj]
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Trojan:Win32/Vidar.AMS!MTB?

Trojan:Win32/Vidar.AMS!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
