UDS:Trojan-Dropper.Win32.Demp removal

The UDS:Trojan-Dropper.Win32.Demp is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What UDS:Trojan-Dropper.Win32.Demp virus can do?

Sample contains Overlay data
Presents an Authenticode digital signature
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine UDS:Trojan-Dropper.Win32.Demp?


File Info:
name: B0487B826898AA9800CF.mlw
path: /opt/CAPEv2/storage/binaries/a1c650f86a31e320fb6fe65bc75bf7b11bf8e9f7e0958221755e286394c1e813
crc32: C02F3900
md5: b0487b826898aa9800cf04fdd21cba2a
sha1: c384f2caa255034c1ad26d54ada11129325e0ec7
sha256: a1c650f86a31e320fb6fe65bc75bf7b11bf8e9f7e0958221755e286394c1e813
sha512: f43c6b2d579283a27d23c562654713d0aa5f663ea56580bb85493614f6304144135ca794f67731015f4a902d51ca75c4fae4b8f3e8d4fd9ad0e783b33a70cc15
ssdeep: 24576:mv7KYSQmDT65KeMC8a3DxjaPhdyq3SMEio:wmDT650gBaPhdyq3Iio
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T134359E2238D1C222DDD220BA45EEFB756A6DE4B00BE586D742D4D7EFC7146C1EE36182
sha3_384: c2b3e5bb41c4f0bbf6d263ed6ad073689fed5a3617638c4439a2e781944c6e81ca8d5462f50ab093f58c81536be029d0
ep_bytes: e9076a0300e9c4d00400e963ee0300e9
timestamp: 2022-08-27 18:00:16

Version Info:
0: [No Data]

UDS:Trojan-Dropper.Win32.Demp also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (moderate confidence)
FireEye	Generic.mg.b0487b826898aa98
Cylance	Unsafe
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/GenKryptik.FZIE
Kaspersky	UDS:Trojan-Dropper.Win32.Demp.gen
Avast	CrypterX-gen [Trj]
DrWeb	Trojan.DownLoader45.13429
McAfee-GW-Edition	Artemis!Trojan
GData	Win32.Trojan.Agent.YWU4CK
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
McAfee	Artemis!B0487B826898
Ikarus	Win32.Outbreak
Rising	Backdoor.Mokes!8.619 (TFE:5:fx3aOhGmGDR)
AVG	CrypterX-gen [Trj]
CrowdStrike	win/malicious_confidence_60% (W)

How to remove UDS:Trojan-Dropper.Win32.Demp?

UDS:Trojan-Dropper.Win32.Demp removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X