What is “UDS:Backdoor.Win32.Mokes.aqhx”?

The UDS:Backdoor.Win32.Mokes.aqhx is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What UDS:Backdoor.Win32.Mokes.aqhx virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine UDS:Backdoor.Win32.Mokes.aqhx?


File Info:
name: F586432B97E91FD7444A.mlw
path: /opt/CAPEv2/storage/binaries/a5f2b5d11ca3ca9641384ec4cbe135501d0181ebd7360386d28a808b5301b7b2
crc32: FA32AEC8
md5: f586432b97e91fd7444a002fc42282f4
sha1: 00fe3d66ee5b72e8b1365578ea2b7dff8fe4face
sha256: a5f2b5d11ca3ca9641384ec4cbe135501d0181ebd7360386d28a808b5301b7b2
sha512: 90377979f445cdacc9be0a3980d594ad74ddaca05f9a0e813758e56d3adb8a0c9242f05c84b53dd0305cef7640e9babaf7b5306901b0469f22b8ca9958330fcd
ssdeep: 768:nl5HKHNfWPw/FjC64dDWE8OrgUtrYDiA7:nvH+fM2Fu64dS7x
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14FE2D0D165E04D6AE1A1CC32C9F49DD3A379AADA2E419370925C0EBD8A834F3E5087D9
sha3_384: 3f116a6df4c758944a957b7621f4fcba379613cbbdf48b6e1270b26b62d4e8090f8ae7e031fa182499f3ad5f154fdbe9
ep_bytes: e800000000750574039cbf218b1c2483
timestamp: 2023-05-12 14:46:44

Version Info:
0: [No Data]

UDS:Backdoor.Win32.Mokes.aqhx also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.f586432b97e91fd7
ALYac	Gen:Trojan.Heur.beW@JKnv4Pg
Cylance	unsafe
VIPRE	Gen:Trojan.Heur.beW@JKnv4Pg
K7AntiVirus	Trojan ( 00536d121 )
K7GW	Trojan ( 00536d121 )
Cybereason	malicious.b97e91
Arcabit	Trojan.Heur.E7EA27
Cyren	W32/SmokeLoader.A.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Smokeloader.J
APEX	Malicious
Kaspersky	UDS:Backdoor.Win32.Mokes.aqhx
BitDefender	Gen:Trojan.Heur.beW@JKnv4Pg
MicroWorld-eScan	Gen:Trojan.Heur.beW@JKnv4Pg
Avast	FileRepMalware [Pws]
Emsisoft	Gen:Trojan.Heur.beW@JKnv4Pg (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
DrWeb	Trojan.PackedENT.241
McAfee-GW-Edition	BehavesLike.Win32.RAHack.nc
Trapmine	malicious.high.ml.score
Sophos	Mal/Behav-204
Ikarus	Trojan.Win32.SmokeLoader
Avira	TR/Crypt.XPACK.Gen
Antiy-AVL	Trojan/Win32.SmokeLoader
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	UDS:Backdoor.Win32.Mokes.aqhx
GData	Gen:Trojan.Heur.beW@JKnv4Pg
Google	Detected
AhnLab-V3	Trojan/Win32.Smokeldr.C3129113
Acronis	suspicious
McAfee	Artemis!F586432B97E9
MAX	malware (ai score=88)
Malwarebytes	Malware.AI.1147895438
Rising	Backdoor.Mokes!8.619 (TFE:4:XjtQFDPlt6R)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.214199524.susgen
Fortinet	W32/Smokeloader.J!tr
BitDefenderTheta	AI:Packer.A048CF4D1B
AVG	FileRepMalware [Pws]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove UDS:Backdoor.Win32.Mokes.aqhx?

UDS:Backdoor.Win32.Mokes.aqhx removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X