Should I remove “UDS:Trojan-Dropper.Multi.GenericML.xnet”?

The UDS:Trojan-Dropper.Multi.GenericML.xnet detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:Trojan-Dropper.Multi.GenericML.xnet virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify UDS:Trojan-Dropper.Multi.GenericML.xnet?


File Info:

name: BB40B9FAF75C9DE9CEC8.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2092-04-24 15:52:11

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: IdkTest
FileVersion: 1.0.0.0
InternalName: IdkTest.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: IdkTest.exe
ProductName: IdkTest
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

UDS:Trojan-Dropper.Multi.GenericML.xnet also known as:

Lionic: Trojan.Win32.Malicious.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38203506
FireEye: Generic.mg.bb40b9faf75c9de9
McAfee: GenericRXNJ-DE!BB40B9FAF75C
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0055e2ec1 )
Alibaba: Trojan:MSIL/Vmprotect.3df8259a
K7GW: Trojan ( 0055e2ec1 )
Cybereason: malicious.af75c9
BitDefenderTheta: Gen:NN.ZemsilF.34084.qu0@aqemzpd
Cyren: W32/MSIL_Kryptik.CRG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Packed.VMProtect.B
TrendMicro-HouseCall: TROJ_GEN.R002C0PL921
Paloalto: generic.ml
Kaspersky: UDS:Trojan-Dropper.Multi.GenericML.xnet
BitDefender: Trojan.GenericKD.38203506
Avast: Win32:Trojan-gen
Ad-Aware: Trojan.GenericKD.38203506
Sophos: Mal/Generic-S
TrendMicro: TROJ_GEN.R002C0PL921
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
Emsisoft: Trojan.GenericKD.38203506 (B)
Ikarus: Trojan.MSIL.Vmprotect
eGambit: Unsafe.AI_Score_100%
Avira: HEUR/AGEN.1145026
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Tiggre!rfn
GData: Win32.Trojan.Agent.RNZZ8A
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.C3693461
ALYac: Trojan.GenericKD.38203506
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.918678868
APEX: Malicious
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat
Webroot: W32.Trojan.Gen
AVG: Win32:Trojan-gen
Panda: Trj/Orbond.A
CrowdStrike: win/malicious_confidence_90% (W)

How to remove UDS:Trojan-Dropper.Multi.GenericML.xnet?

UDS:Trojan-Dropper.Multi.GenericML.xnet removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.