
Trojan:Win32/WhisperGate.ES!MTB removal guide


Trojan:Win32/WhisperGate.ES!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/WhisperGate.ES!MTB virus do?

  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan:Win32/WhisperGate.ES!MTB?


File Info:

name: 143312726AAF5DCCC412.mlw
path: /opt/CAPEv2/storage/binaries/156849dec97a84ab8739fa4a9ec929cfe48a88b02dc8c0a60b295d7b9890ecad
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2023-12-22 21:46:23

Version Info:

0: [No Data]

Trojan:Win32/WhisperGate.ES!MTB also known as:

Bkav: W32.Common.DF07F0D3
Lionic: Trojan.Win32.Dacic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Dacic.1206.C97EEAE3
CAT-QuickHeal: Trojan.Whispergte.S32769064
Skyhigh: BehavesLike.Win32.Generic.pm
ALYac: Generic.Dacic.1206.C97EEAE3
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
Alibaba: Trojan:Win32/WhisperGate.58924746
K7GW: Trojan ( 005b11261 )
K7AntiVirus: Trojan ( 005b11261 )
Arcabit: Generic.Dacic.1206.C97EEAE3
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Agent_AGen.CZP
TrendMicro-HouseCall: TROJ_GEN.R002C0DAL24
ClamAV: Win.Trojan.Generic-10017566-0
Kaspersky: HEUR:Trojan.Win32.Shellex.gen
BitDefender: Generic.Dacic.1206.C97EEAE3
NANO-Antivirus: Trojan.Win32.Shellex.khkkza
Avast: Win32:TrojanX-gen [Trj]
Tencent: Trojan.Win32.Shellex.ka
Emsisoft: Generic.Dacic.1206.C97EEAE3 (B)
F-Secure: Heuristic.HEUR/AGEN.1371970
DrWeb: BACKDOOR.Trojan
VIPRE: Generic.Dacic.1206.C97EEAE3
TrendMicro: TROJ_GEN.R002C0DAL24
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.143312726aaf5dcc
Sophos: Troj/Inject-JGZ
Ikarus: Trojan.Win32.Agent
Jiangmin: Trojan.Generic.bjgvg
Google: Detected
Avira: HEUR/AGEN.1371970
Varist: W32/Kryptik.LIO.gen!Eldorado
Antiy-AVL: Trojan/Win32.Shellex
Kingsoft: Win32.Trojan.Shellex.gen
Microsoft: Trojan:Win32/WhisperGate.ES!MTB
ZoneAlarm: HEUR:Trojan.Win32.Shellex.gen
GData: Win32.Trojan.PSE.11FY7F6
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R630323
McAfee: Artemis!143312726AAF
MAX: malware (ai score=88)
VBA32: Trojan.Shellex
Malwarebytes: Trojan.Injector
Panda: Trj/GdSda.A
Rising: Trojan.Agent!8.B1E (TFE:5:VtroI0rgWfE)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.CZK!tr
BitDefenderTheta: Gen:NN.ZexaF.36804.c0Y@a4oDvpe
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/WhisperGate.ES!MTB?

Trojan:Win32/WhisperGate.ES!MTB removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
