UDS:Backdoor.MSIL.DcRat removal tips

UDS:Backdoor.MSIL.DcRat is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the UDS:Backdoor.MSIL.DcRat virus do?

The following static traits and behaviours were flagged when the sample was analysed in the CAPE sandbox:

  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify UDS:Backdoor.MSIL.DcRat?

File Info:

name: 2F2C228328F9F0D80E0B.mlw
path: /opt/CAPEv2/storage/binaries/7270783ab34685fbac17011ee386e25e488c51204371221bd696051ac40ceeec
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff250020400000000000000000000000
timestamp: 1993-11-06 01:58:34

Version Info (note that the file's Authenticode signature does not validate, so the Adobe branding below should not be taken at face value):

CompanyName: Adobe Inc
FileDescription: Adobe Download Manager
FileVersion: 2.0.0.620s
InternalName: Adobe Download Manager
LegalCopyright: Copyright 2019 Adobe Inc. All rights reserved.
OriginalFilename: Adobe Download Manager
ProductName: Adobe Download Manager
ProductVersion: 2.0.0.620s
Translation: 0x0409 0x04b0

UDS:Backdoor.MSIL.DcRat is also known as (vendor: detection name):

  • FireEye: Generic.mg.2f2c228328f9f0d8
  • Cylance: Unsafe
  • Cybereason: malicious.71137f
  • Cyren: W32/MSIL_Kryptik.HEU.gen!Eldorado
  • Symantec: Packed.Generic.619
  • Elastic: malicious (high confidence)
  • Kaspersky: UDS:Backdoor.MSIL.DcRat.gen
  • Sophos: ML/PE-A
  • SentinelOne: Static AI – Malicious PE
  • Microsoft: Trojan:Win32/Sabsik.TE.B!ml
  • Cynet: Malicious (score: 100)
  • Acronis: suspicious
  • APEX: Malicious
  • Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL:5jBHXT4ahDJq/i8IVidh/w)
  • MaxSecure: Trojan.Malware.300983.susgen
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove UDS:Backdoor.MSIL.DcRat?

UDS:Backdoor.MSIL.DcRat removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.